Security News > 2022 > June

The XFiles info-stealer malware has added a delivery module that exploits CVE-2022-30190, aka Follina, for dropping the payload on target computers. In the case of the XFiles malware, researchers at Cyberint noticed that recent campaigns delivering the malware use Follina to download the payload, execute it, and also create persistence on the target machine.

Google's Threat Analysis Group has blocked dozens of malicious domains and websites used by hack-for-hire groups in attacks targeting high-risk targets worldwide. Hack-for-hire groups target individuals and organizations in data theft and corporate espionage campaigns, with past victims including politicians, journalists, human rights and political activists, and various other high-risk users from all over the world.

A lesser-known ransomware strain called AstraLocker has recently released its second major version, and according to threat analysts, its operators engage in rapid attacks that drop its payload directly from email attachments. The lure used by the operators of AstraLocker 2.0 is a Microsoft Word document that hides an OLE object with the ransomware payload. The embedded executable uses the filename "WordDocumentDOC.exe".

A new report from security researcher and TLS expert Scott Helme evaluates the use of encryption across the world's top one million sites over the last six months and reveals the need for a control plane to automate the management of machine identities in increasingly complex cloud environments. 2 has declined by 13% over the last six months, with v1.3 in use by almost 50% of sites - more than twice as many sites as v1.2.

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture. Often, there is a misguided characterization of ransomware attacks that implies defenders either completely thwart an attack or that attackers establish complete control of their targets' IT infrastructure.

Protect your browsing for life with this innovative hardware. The Deeper Connect Mini Decentralized VPN & Firewall Hardware is a portable cybersecurity solution that goes beyond a VPN for a one-time payment.

OpenSea, the largest non-fungible token marketplace, disclosed a data breach on Wednesday and warned users of phishing attacks that could target them in the coming days. The company's Head Of Security, Cory Hardman, said that an employee of Customer.io, the platform's email delivery vendor, downloaded email addresses belonging to OpenSea users and newsletter subscribers.

Cyber Week is a large annual international cybersecurity event, hosted each year at Tel Aviv University in Israel. In this Help Net Security video, we take you inside Cyber Week 2022.

Users may resort to using shadow IT practices when they feel that existing IT policies are too restrictive or get in the way of them being able to do their jobs effectively. Users who engage in shadow IT use can unknowingly do irreparable harm to an organization.

Pre-pandemic, most online fraud was committed by individuals or small groups and consisted of straightforward attempts to access individuals' data or business accounts, or of applicant-level identity fraud. It's rarely one-and-done with fraud rings, as they thrive like any other business by creating repeatable solutions and seeking out ideal "Customers." Once a fraud ring identifies a weakness in a technology, outdated legacy fraud detection stacks, or poor processes and procedures in place, they'll continue to commit fraud until the vulnerability is closed.