Security News

Open banking APIs handle everything from account status to fund transfers to pin changes and account services. On top of open banking driving API utilization, APIs have become a de facto standard in modern application development, with organizations often deploying thousands of APIs for a wide variety of purposes.

A Windows living-off-the-land binary known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. In this case, Regsvr32 is aMicrosoft-signed command line utility in Windows that allows users to register and unregister libraries.

As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker's ticket into a multi-cloud environment. Current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks that target Linux-based workloads, VMware reveals.

Troy Gill, senior manager of threat intelligence at Zix, discusses how spoofing is evolving and what to do. Over the last couple of months, the Zix Threat Research team has observed threat actors using new tactics to spoof logistics and supply-chain companies, hoping for an easy compromise.

Scammers are taking advantage of the focus on COVID-19 testing and the need for at-home test kits, says Barracuda Networks. A recent blog post from security firm Barracuda Networks looks at the rise in phishing campaigns that exploit the concerns over such testing.

Dark Web forum posts uncovered by Trustwave show that the recent arrests in Russia have triggered major concerns among fellow criminals. It's these arrests that appear to be causing fear among other cybercriminals.

The Omicron variant has contributed to a 521 per cent rise in COVID test related scam emails between October 2021 and January 2022, according to Barracuda Networks. One of the most common scams include offers to sell counterfeit or unauthorised COVID tests, and other medical supplies such as masks or gloves.

Organizations running sophisticated virtual networks with VMware's vSphere service are actively being targeted by cryptojackers, who have figured out how to inject the XMRig commercial cryptominer into the environment, undetected.Uptycs' Siddharth Sharma has released research showing threat actors are using malicious shell scripts to make modifications and run the cryptominer on vSphere virtual networks.

VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation. Europol said it took action against the misuse of the VPN service by grounding 15 of its servers on January 17 and rendering it inoperable as part of a disruptive action that took place across Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the U.S., and the U.K. A second outcome of the seizure is that at least 100 businesses that have been identified as at risk of impending cyber attacks are being notified.

Cybercrime continues to be a major concern, with 51% of SMEs experiencing a cybersecurity breach, a Markel Direct survey reveals. In this survey that polled 1000 respondents, Markel Direct explored the issue of cybercrime and its impact on the self-employed and SMEs.