Security News

Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers
2022-12-02 11:09

A previously undocumented Go-based malware is targeting Redis servers with the goal of taking control of the infected systems and likely building a botnet network. The attacks involve taking advantage of a critical security vulnerability in the open source, in-memory, key-value store that was disclosed earlier this year to deploy Redigo, according to cloud security firm Aqua.

Domain aging gang CashRewindo picks vintage sites to push malvertising
2022-12-02 10:59

A sophisticated and very patient threat group behind a global malvertising scheme is using so-called aged domains to skirt past cybersecurity tools and catch victims in investment scams. Cybercriminals who run malvertising campaigns typically will spin up a domain and quickly put it into use.

What the CISA Reporting Rule Means for Your IT Security Protocol
2022-12-02 10:35

The new Cyber Incident Reporting for Critical Infrastructure Act of 2022 requires CISA to create rules regarding cyber incident reporting by critical infrastructure organizations. CISA will share data from cyber incident reports, including defensive measures and anonymized cyber threat indicators, with other organizations.

Mozilla, Microsoft drop TrustCor as root certificate authority
2022-12-02 09:30

After a lengthy discussion between staff at Mozilla and Apple, security researchers and the CA itself, Mozilla program manager Kathleen Wilson said the org's concerns were "substantiated" enough to set a distrust date of November 30 for TrustCor's root certificates. Microsoft didn't participate in the conversation; instead, TrustCor executive Rachel McPherson claimed that Microsoft had set a distrust date of November 1 for her company's certs.

Watch Out! These Android Keyboard Apps With 2 Million Installs Can be Hacked Remotely
2022-12-02 07:48

Multiple unpatched vulnerabilities have been discovered in three Android apps that allow a smartphone to be used as a remote keyboard and mouse. The apps in question are Lazy Mouse, PC Keyboard, and Telepad, which have been cumulatively downloaded over two million times from the Google Play Store.

Two signs in the comms cabinet said 'Do not unplug'. Guess what happened
2022-12-02 07:00

Bob proudly described to The Register that those racks were properly resilient: a pair of firewalls and two sets of switches connected to primary and secondary circuits. "One day, we got a call from the managed network provider," Bob told On-Call.

Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
2022-12-02 06:04

The threat actors behind Cuba ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation, the agencies highlighted a "sharp increase in both the number of compromised U.S. entities and the ransom amounts."

Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
2022-12-02 06:04

The threat actors behind Cuba ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. The ransomware crew, also known as Tropical Scorpius, has been observed targeting financial services, government facilities, healthcare, critical manufacturing, and IT sectors, while simultaneously expanding its tactics to gain initial access and interact with breached networks.