Welcome to another Afternoon Dessert breakout:
Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware
A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). "This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past," Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a Tuesday write-up. Sold on the dark web for €
Read more....
Improve your security posture with Wazuh, a free and open source XDR
Organizations struggle to find ways to keep a good security posture. This is because it is difficult to create secure system policies and find the right tools that help achieve a good posture. In many cases, organizations work with tools that do not integrate with each other and are expensive to purchase and maintain. Security posture management is a term used to describe the process of
Read more....
WhatsApp “zero-day exploit” news scare – what you need to know
Is WhatsApp currently under active attack by cybercriminals? Is this a clear and current danger? How worried should WhatsApp users be?
Read more....
Leaked LockBit 3.0 builder used by ‘Bl00dy’ ransomware gang in attacks
The relatively new Bl00Dy Ransomware Gang has started to use a recently leaked LockBit ransomware builder in attacks against companies. [...]
Read more....
Russia demands answers after Apple kicks VK apps from App Store
Russian telecom watchdog Roskomnadzor demanded explanations today from Apple regarding the removal of all VK apps, including the app for the country's largest social network VKontakte, from its App Store on Monday. [...]
Read more....
Cryptominers hijack $53 worth of system resources to earn $1
Security researchers estimate that the financial impact of cryptominers infecting cloud servers costs victims about $53 for every $1 worth of cryptocurrency threat actors mine on hijacked devices. [...]
Read more....
Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through
Read more....
Optus breach – Aussie telco told it will have to pay to replace IDs
Licence compromised? Passport number burned? Need a new one? Who's going to pay?
Read more....
Wazuh - The free and open source XDR platform
Wazuh is a free and open source security platform that provides unified SIEM and XDR protection. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. Wazuh is one of the fastest growing open source security solutions, with over 10 million downloads per year. [...]
Read more....
Ethernet VLAN Stacking flaws let hackers launch DoS, MiTM attacks
Four vulnerabilities in the widely adopted 'Stacked VLAN' Ethernet feature allow attackers to perform denial-of-service (DoS) or man-in-the-middle (MitM) attacks against network targets using custom-crafted packets. [...]
Read more....
New Chaos malware infects Windows, Linux devices for DDoS attacks
A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks. [...]
Read more....
Stealthy hackers target military and weapons contractors in recent attack
Security researchers have discovered a new campaign targeting multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. [...]
Read more....
Google to test disabling Chrome Manifest V2 extensions in June 2023
Developers of extensions for Google Chrome can keep their hopes up that the transition from Manifest V2 to V3 will be as gradual as possible, helping to minimize the negative impact on the community of users. [...]
Read more....
Auth0 warns that some source code repos may have been stolen
Authentication service provider and Okta subsidiary Auth0 has disclosed what it calls a "security event" involving some of its code repositories. [...]
Read more....