BU-CERT News

From cybersecurity-insiders.com

First is the news related to new ransomware dubbed Cheers that is seen targeting mainly Vmware ESXi Servers. As virtualization software allows cyber crooks to spread malware to many devices, it has become a soft target to criminal gangs spreading Lockbit, Hive, and RansomEXX.

Technically, if a machine hosts a dozen virtual machines meant to process various applications, targeting such machines by hackers makes complete sense as they will get an assured pay for either hacking the database or stealing files and then threatening to leak/sell those files onto the internet.

Read more…

From gbhackers.com

Choosing the right name for your website is critical. It is one of the first things people will see when they visit your webpage. It can make a big impression.

In this article, we will discuss 10 creative domain names for business websites. They are interesting and memorable, and will help your business stand out from the competition! But first, a few words about the key term.

Read more…

From zdnet.com

New pilot framework and toolkit will enable businesses to demonstrate their “objective and verifiable” use of artificial intelligence, says the Singapore government, which hopes to drive transparency in AI deployments through technical and process checks.

Read more…

From theregister.com

VIDEO Robot boffins have revealed they’ve created a half-millimeter wide remote-controlled walking robot that resembles a crab, and hope it will one day perform tasks in tiny crevices.

In a paper published in the journal Science Robotics , the boffins said they had in mind applications like minimally invasive surgery or manipulation of cells or tissue in biological research.

With a round tick-like body and 10 protruding legs, the smaller-than-a-flea robot crab can bend, twist, crawl, walk, turn and even jump. The machines can move at an average speed of half their body length per second – a huge challenge at such a small scale, said the boffins.

Read more…

From blog.avast.com

A new paper by the Microsoft Security Response Center explains account pre-hijacking, where attackers open an account with the victim’s email address then lie in wait for the victim eventually to join the site. Once the victim joins the site and breathes life into the account, the attacker takes full control, icing out the victim from their own account. Researchers noted five variations of this attack: the classic-federated merge attack, the unexpired session identifier attack, the trojan identifier attack, the unexpired email change attack, and the non-verifying IDP attack. For more on each, see Bleeping Computer.

Read more…

From 2-spyware.com

Geek Squad email scam was created by crooks to trick people into calling the provided number. Geek Squad is a subsidiary of Best Buy and scammers try to convince people that they have been charged $499.99 for a subscription. The main purpose of this phishing[1] attempt is to generate revenue.

When people contact fraudsters, they may try to lure out personal information, such as name, credit card details, social security number, etc. This can lead to monetary losses or even identity theft. However, crooks may also try to gain remote access to the computer by promising to “fix” their mistake.

Read more…

From securelist.com

Quarterly figures

According to Kaspersky Security Network, in Q1 2022:

• Kaspersky solutions blocked 1,216,350,437 attacks from online resources across the globe.
• Web Anti-Virus recognized 313,164,030 unique URLs as malicious.
• Attempts to run malware for stealing money from online bank accounts were stopped on the computers of 107,848 unique users.
• Ransomware attacks were defeated on the computers of 74,694 unique users.
• Our File Anti-Virus detected 58,989,058 unique malicious and potentially unwanted objects.

Read more…