XFiles info-stealing malware adds support for Follina delivery
2022-06-30 13:00

The XFiles info-stealer malware has added a delivery module that exploits CVE-2022-30190, aka Follina, for dropping the payload on target computers. In the case of the XFiles malware, researchers at Cyberint noticed that recent campaigns delivering the malware use Follina to download the payload, execute it, and also create persistence on the target machine.

Google blocked dozens of domains used by hack-for-hire groups
2022-06-30 12:19

Google's Threat Analysis Group has blocked dozens of malicious domains and websites used by hack-for-hire groups in attacks targeting high-risk targets worldwide. Hack-for-hire groups target individuals and organizations in data theft and corporate espionage campaigns, with past victims including politicians, journalists, human rights and political activists, and various other high-risk users from all over the world.

AstraLocker 2.0 infects users directly from Word attachments
2022-06-30 12:12

A lesser-known ransomware strain called AstraLocker has recently released its second major version, and according to threat analysts, its operators engage in rapid attacks that drop its payload directly from email attachments. The lure used by the operators of AstraLocker 2.0 is a Microsoft Word document that hides an OLE object with the ransomware payload. The embedded executable uses the filename "WordDocumentDOC.exe".

Evaluating the use of encryption across the world’s top one million sites
2022-06-30 12:00

A new report from security researcher and TLS expert Scott Helme evaluates the use of encryption across the world's top one million sites over the last six months and reveals the need for a control plane to automate the management of machine identities in increasingly complex cloud environments. TLS v1.2 has declined by 13% over the last six months, with v1.3 in use by almost 50% of sites - more than twice as many sites as v1.2.

A Guide to Surviving a Ransomware Attack
2022-06-30 11:59

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture. Often, there is a misguided characterization of ransomware attacks that implies defenders either completely thwart an attack or that attackers establish complete control of their targets' IT infrastructure.

Protect your browsing for life with this innovative hardware
2022-06-30 11:00

The Deeper Connect Mini Decentralized VPN & Firewall Hardware is a portable cybersecurity solution that goes beyond a VPN for a one-time payment.

OpenSea discloses data breach, warns users of phishing attacks
2022-06-30 10:05

OpenSea, the largest non-fungible token marketplace, disclosed a data breach on Wednesday and warned users of phishing attacks that could target them in the coming days. The company's Head Of Security, Cory Hardman, said that an employee of Customer.io, the platform's email delivery vendor, downloaded email addresses belonging to OpenSea users and newsletter subscribers.

Cyber Week 2022 video walkthrough
2022-06-30 08:17

Cyber Week is a large annual international cybersecurity event, hosted each year at Tel Aviv University in Israel. In this Help Net Security video, we take you inside Cyber Week 2022.

What is Shadow IT and why is it so risky?
2022-06-30 04:55

Users may resort to using shadow IT practices when they feel that existing IT policies are too restrictive or get in the way of them being able to do their jobs effectively. Users who engage in shadow IT use can unknowingly do irreparable harm to an organization.

Evolving online habits have paved the way for fraud. What can we do about it?
2022-06-30 04:30

Pre-pandemic, most online fraud was committed by individuals or small groups and consisted of straightforward attempts to access individuals' data or business accounts, or of applicant-level identity fraud. It's rarely one-and-done with fraud rings, as they thrive like any other business by creating repeatable solutions and seeking out ideal "Customers." Once a fraud ring identifies a weakness in a technology, outdated legacy fraud detection stacks, or poor process and procedures in place, they'll continue to commit fraud until the vulnerability is closed.