Threat actors are abusing the core features of the popular Discord digital communication platform to persistently deliver various types of malware - in particular remote access trojans that can take over systems - putting its 150 million users at risk, researchers have found. "Many files sent across the Discord platform are malicious, pointing to a significant amount of abuse of its self-hosted CDN by actors by creating channels with the sole purpose of delivering these malicious files," according to a report published Thursday by Team RiskIQ. Initially Discord attracted gamers, but the platform is now being used by organizations for workplace communication.
The latest findings show tech support scams, which often arrive as a pop-up alert convincingly disguised using the names and branding of major tech companies, have become the top phishing threat to consumers. Tech support scams, along with shopping and charity-related phishing attacks, are expected to proliferate in the upcoming holiday season.
Acer has suffered a second cyberattack in just a week by the same hacking group that says other regions are vulnerable. Last week, threat actors known as 'Desorden' emailed journalists to say they hacked Acer India's servers and stole data, including customer information.
Obfuscation is the conversion of easy-to-understand source code into confusing, hard-to-understand code that still operates as intended. It can be achieved through various means, such as injecting unused code into a script, splitting and concatenating the code, or using hexadecimal patterns and tricky overlaps in function and variable naming.
Tech support scams work because they try to trick people into believing there's a serious security crisis with their computers, says Norton Labs. The tech support ruse was the number one scam described by Norton Labs in its new October Consumer Cyber Safety Pulse Report.
The U.S. Cybersecurity Infrastructure and Security Agency on Thursday warned of continued ransomware attacks aimed at disrupting water and wastewater facilities, highlighting five incidents that occurred between March 2019 and August 2021. "This activity - which includes attempts to compromise system integrity via unauthorized access - threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities," CISA, along with the Federal Bureau of Investigation, the Environmental Protection Agency, and the National Security Agency, said in a joint bulletin.
The new ransomware family, called Yanluowang, appears to still be under development and lacks some sophisticated features found in similar code. The Symantec Threat Hunter Team at Broadcom Software has discovered what appears to be a brand new family of ransomware named after the Chinese deity that judges the souls of the dead. Yanluowang is the perfect ransomware for the Halloween season, though this particular malevolent digital spirit lacks the subtlety and sophistication of some of its more established brethren.
Here's why: the OMB directs government organizations to focus on standalone systems that are connected to critical infrastructure or sensitive information but neglects a key area - the web applications that the private sector has depended on to conduct business for years. Web applications are often deeply integrated and widely accessed within companies, defying the neatly defined security borders of the standalone systems targeted by the OMB. Neglecting web application security therefore neglects a significant area of cyber risk for companies.
In a survey by BlueVoyant, 97% of people said they've been impacted by a security breach that occurred in their supply chain. How do you combat something over which you seemingly have little or no control? A report by cybersecurity provider BlueVoyant looks at supply chain security breaches and offers tips on how to prevent them.
Over the second quarter of the year, 73% of ransomware detections were related to the REvil/Sodinokibi family, while Darkside attacks expanded to more industries, McAfee says. In its latest Advanced Threat Research Report, McAfee looks at the most prominent ransomware strains for the second quarter of 2021 and offers advice on how to combat them.