Since Google announced its campaign to auto-enrol users for 2-step verification last year, Google has auto-enrolled more than 150 million users in 2-step verification. Google also stated that the auto-enrolment reduced account hijacking. An excerpt from the note, “the number…
Latest posts - Page 148
SSRF flaws created in multiple apps via Google Drive integration errors
Execution flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a mixture of applications, a security researcher has disclosed. This included Dropbox’s digital signature platform, HelloSign, but “by far the finest” SSRF was completed via CRLF and…
Attackers can Take Over Computers through PowerPoint Files
Attackers use socially engineered emails with .ppam file attachments that hide malware that can rewrite Windows registry settings on targeted machines. The attacker used under-the-radar PowerPoint files to hide malicious executables that can rewrite Windows registry settings to take over…
Indian Government and Military targeted by new CapraRAT Android malware
An advanced persistent threat (APT) group with political ambitions has added a new remote access trojan (RAT) to its malware arsenal. The RAT is used in an espionage attack targeting Indian military and diplomatic entities. Trend Micro has called the malware CapraRAT;…
Stealthy backdoor used for targeting Taiwanese financial institutions
Taiwanese financial institutions have been on the radar of a Chinese advanced persistent threat (APT) group. The group has been running a “persistent campaign” targeting Taiwanese financial institutions. The attacks are for espionage; the attacks have planted a backdoor called…
Hackers target European Oil ports
Belgian prosecutors are investigating the hacking of oil facilities in the country’s ports, including Antwerp—Europe’s second-biggest port after Rotterdam. In Germany, prosecutors said they are looking into cyberattacks targeting oil facilities. The ransomware targeting oil facilities locked the systems and…
Threat actor exploiting a zero-day vulnerability in the Zimbra open-source email platform
A threat actor, likely to be Chinese, targeted a zero-day vulnerability in the Zimbra open-source email platform. The zero-day exploitation is part of a spear-phishing program that began in December 2021. Volexity, a cybersecurity company, recorded the espionage operation in…
UpdateAgent Malware, updated variant infects Mac users through Adware
Microsoft revealed details of a previously undocumented Mac Trojan. Microsoft said the trojan has undergone several changes since it first appeared in September 2020. The evolved trojan version has become advanced, as the article puts it, “increasing progression…
SolarMarker malware evolved to sustain in hacked systems
Threat actors regularly refine their attack strategies and defence measures to beat protective measures. Operators of the SolarMarker information stealer and backdoor have been using stealthy Windows Registry tricks to set up a deep and permanent connection with compromised systems. …
Emsisoft’s Deadbolt decryption tool is available
Deadbolt ransomware has got a decryption key a few days after it first appeared. However, the threat actors must provide a decryption key for it to work. Emsisoft, the security vendor, released the key. The key comes a few days…