Cybercrime, Purple Fox is now spread as a worm
Guardicore cybersecurity experts: The malware uses indiscriminate port scanning and exploitation of exposed SMB services with weak passwords and hashes.
Cybercrime, new phishing attack via fake purchase order
Victims, through an HTML attachment, are directed to a false tailored Adobe pdf online website to “view the file”. The goal is to steal credentials.
Cyber Espionage, an APT used at least 11 zero-days exploits in less than a year
The cybersecurity expert Maddie Stone: It used “watering hole” attacks to redirect specific targets to a pair of exploit servers delivering malware on Windows, iOS, and Android.
Cybercrime, REvil now can encrypt files in Windows Safe Mode
The cybersecurity expert MalwareHunterTeam discovered a ransomware sample with a command-line, which forces the computer to reboot before encrypting.
Cyber Warfare, UK will have its National Cyber Force
Johnson: It conducts offensive cyber operations against terrorists, hostile states and criminal gangs. It will be located in North West.
Cybercrime, PYSA ransomware targets education institutions in US-UK
The FBI cybersecurity experts: the malware (aka Mespinoza) can exfiltrate data, and encrypting critical files and data stored on the systems.
Cybercrime, Microsoft released “One-Click Mitigation Tool” on Exchange Servers vulnerabilities
The cybersecurity experts: Customers will automatically mitigate CVE-2021-26855 on any server on which it is deployed. However, it’s not a replacement for the patch.
Cybercrime, the DearCry ransomware exploits the Microsoft Exchange Server vulnerabilities
Palo Alto Networks cybersecurity experts: The malware uses AES-256 and RSA-2048 to encrypt files, and the ransom note includes 2 email addresses to contact for pay.
Cybercrime, attack on Facebook users in Italy via “looks like you”
Fake TikTok video with the comment sent by real (unsuspecting) users to contact lists. The operation leads to the Topsietegames YouTube channel.
Cybercrime, RedXOR is a new malware which targets Linux systems
Intezer cybersecurity experts: It’s a backdoor linked to the Chinese state-sponsored hacking collective Winnti. It has meny capabilities and can be updated.