Security News

CISA has added 12 more security flaws to its list of bugs exploited in attacks, including two critical D-Link vulnerabilities and two zero-days in Google Chrome and the Photo Station QNAP software. The Google Chrome zero-day was patched on September 2nd via an emergency security update after the company was made aware of in-the-wild exploitation.

DUCK. I'm doing very, very well, thank you, Douglas! A messy thing that is bugging people is the question of this TikTok thing.

Microsoft's threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting ransomware attacks as a "Form of moonlighting" for personal gain. "DEV-0270 leverages exploits for high-severity vulnerabilities to gain access to devices and is known for the early adoption of newly disclosed vulnerabilities," Microsoft said.

Zerify announced the findings of a survey that indicate that IT professionals are becoming increasingly concerned about the growing number of cyber threats and foreign attacks capable of impacting video conferencing. NIST developed a framework for zero trust architecture that should be considered for video conferencing.

Most contemporary ransomware attacks involve two groups of criminals: a core gang who create the malware and handle the extortion payments, and "Members" of a loose-knit clan of "Affiliates" who actively break into networks to carry out the attacks. Regular readers of Naked Security will know that some victims, notably home users and small business, end up getting blackmailed via their NAS, or networked attached storage devices.

Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022. One of the prominent campaigns undertaken by the group in June 2022 entailed the abuse of Follina vulnerability in the Windows operating system to deploy CrescentImp and Cobalt Strike Beacons on to targeted hosts in media and critical infrastructure entities.

Outdoor apparel brand 'The North Face' was targeted in a large-scale credential stuffing attack that has resulted in the hacking of 194,905 accounts on the thenorthface.com website.A credential stuffing attack is when threat actors use email addresses/usernames and password combinations obtained from data breaches to attempt to hack into user accounts on other websites.

Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations. Google TAG says its attribution is based on multiple overlaps between UAC-0098, Trickbot, and the Conti cybercrime group.

In this Help Net Security video, Grayson Milbourne, Security Intelligence Director at OpenText Security Solutions, discusses the innovation behind social engineering campaigns and illustrates how...

FBI, CISA, and MS-ISAC warned today of U.S. school districts being increasingly targeted by the Vice Society ransomware group, with more attacks expected after the start of the new school year. "The FBI, CISA, and the MS-ISAC have recently observed Vice Society actors disproportionately targeting the education sector with ransomware attacks," today's joint advisory reads.