Afternoon Dessert - 2022-09-29

Welcome to another Afternoon Dessert breakout:

Upgraded Prilex Point-of-Sale malware bypasses credit card security
Security analysts have observed three new versions of Prilex this year, indicating that the authors and operators of the PoS-targeting malware are back in action. [...]

New malware backdoors VMware ESXi servers to hijack virtual machines
Hackers have found a new method to establish persistence on VMware ESXi hypervisors to control vCenter servers and virtual machines for Windows and Linux while avoiding detection. [...]

Researchers Uncover Covert Attack Campaign Targeting Military Contractors
A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines. The highly-targeted intrusions, dubbed STEEP#MAVERICK by Securonix, also targeted a strategic supplier to the F-35 Lightning II fighter aircraft. "The attack was carried out

Five Steps to Mitigate the Risk of Credential Exposure
Every year, billions of credentials appear online, be it on the dark web, clear web, paste sites, or in data dumps shared by cybercriminals. These credentials are often used for account takeover attacks, exposing organizations to breaches, ransomware, and data theft. While CISOs are aware of growing identity threats and have multiple tools in their arsenal to help reduce the potential risk, the

Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware
A Brazilian threat actor known as Prilex has resurfaced after a year-long operational hiatus with an advanced and complex malware to steal money by means of fraudulent transactions. "The Prilex group has shown a high level of knowledge about credit and debit card transactions, and how software used for payment processing works," Kaspersky researchers said. "This enables the attackers to keep

How to protect your Mac against ransomware and other cyberthreats
A popular myth says that "Macs don't get viruses," but that's never quite been true — and today's Mac users face more cyberthreats than ever before. If you've got a friend or family member who thinks they don't have to worry at all about cybersecurity, pass along this article. [...]

Brave browser to start blocking annoying cookie consent banners
The Brave browser will soon allow users to block annoying and potentially privacy-harming cookie consent banners on all websites they visit. [...]

New Royal Ransomware emerges in multi-million dollar attacks
A new ransomware operation named Royal is quickly ramping up, targeting corporations with ransom demands ranging from $250,000 to over $2 million. [...]

S3 Ep102: Sorting fact from fiction in hyped-up cybersecurity news stories [Audio + Transcript]
Latest episode - listen now! Tell fact from fiction in hyped-up cybersecurity news...

Microsoft: Lazarus hackers are weaponizing open-source software
Microsoft says the North Korean-sponsored Lazarus threat group is trojanizing legitimate open-source software and using it to backdoor organizations in many industry sectors, such as technology, defense, and media entertainment. [...]

Microsoft finally adds a Task Manager link to the Windows 11 taskbar
Microsoft has finally re-added a link to the Task Manager to the taskbar's contextual menu in the latest Windows 11 Insider preview build. [...]

Matrix: Install security update to fix end-to-end encryption flaws
The Matrix decentralized communication platform has published a security warning about two critical-severity vulnerabilities that affect the end-to-end encryption in the software development kit (SDK). [...]