Lunch Time Nibbles - 2022-10-28

Welcome to another Lunch Time breakout:

Android malware droppers with 130K installs found on Google Play
A set of Android malware droppers were found infiltrating the Google Play store to install malicious programs by pretending to be app updates. [...]

Microsoft OneDrive crashes because of recent Windows 10 updates
Microsoft is investigating a known issue causing OneDrive and OneDrive for Business crashes on Windows 10 systems where customers have installed updates released earlier this month. [...]

Hackers use Microsoft IIS web server logs to control malware
The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs. [...]

Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints
The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot (aka Silence), and Clop ransomware. It is "part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread," the Microsoft Security Threat Intelligence Center (MSTIC

Implementing Defense in Depth to Prevent and Mitigate Cyber Attacks
The increased use of information technology in our everyday life and business has led to cyber-attacks becoming more sophisticated and large-scale. For organizations to thrive in this era of technology, they must develop robust security strategies to detect and mitigate attacks. Defense in depth is a strategy in which companies use multiple layers of security measures to safeguard assets. A

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability
Google on Thursday rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser. The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine. Security researchers Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast have been credited with reporting the flaw on October 25, 2022. "Google is aware of

Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers
A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan. This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from Symantec, by Broadcom Software, said in a report shared with The Hacker News. The dropper "is being used to install a new backdoor and other tools

Google fixes seventh Chrome zero-day exploited in attacks this year
Google has released an emergency security update for the Chrome desktop web browser to address a single vulnerability known to be exploited in attacks. [...]

S3 Ep106: Facial recognition without consent – should it be banned?
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!