From helpnetsecurity.com
Despite a marked increase in concerns around malware attacks and third-party risk, only 8% of organizations with web applications for file uploads have fully implemented the best practices for file upload security, a report from OPSWAT reveals.
From gbhackers.com
The security researchers of Microsoft have reported about a new phishing campaign that they have detected recently, and they have also claimed that this campaign is quite big and is stealing the login credentials.
After detecting this phishing campaign, soon the experts initiated the investigation, however, they declared that this campaign attaches the open redirector links in the email communications that behave as a vector.
However, the main motive of using such vectors is to trick users into visiting malicious websites so that the threat actors can bypass the security software effectively.
Iwan ransomware is a malicious program designed to encrypt all personal data on the computer and then demand ransom for the return. Once inside the system, it encrypts all personal pictures, videos, documents, archives, and other files by using a strong encryption algorithm, which also appends a .iwan extension in the process. Victims can no longer access these files and require a unique key that is in possession of cybercriminals behind the ransomware. These malicious actors control your files and claim to offer a tool for recovery once the ransom of $980 is paid.
From bleepingcomputer.com
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks.
The messages contain a legal threat and a file stored in a Google Drive folder that allegedly provides evidence of the source of the attack.
From securityaffairs.co
Security researchers at Malwarebytes Labs have uncovered an ongoing malware campaign that is mainly targeting Russia with the Konni RAT.
The KONNI RAT was first spotted by Cisco Talos researchers in 2017, it has been undetected since 2014 and was employed in highly targeted attacks. The RAT was able to avoid detection due to continuous evolution, it is able of executing arbitrary code on the target systems and stealing data.
The Konni RAT has been attributed to North Korea-linked threat actors tracked as Thallium and APT37.
From itproportal.com
Ransom attacks dominate cybercrime headlines. May’s Colonial Pipeline attack reduced US east coast fuel supply by 45 percent, resolved only by a $4.4 million ransom payment. In the weeks that followed, President Joe Biden even went as far as calling on Vladimir Putin to move against ransomware groups operating from Russia.
From itproportal.com
Passwords and PINs have become a ubiquitous part of our daily lives; we use them at ATMs, to unlock our phones and to access various online accounts. This solution has, however, given rise to its own set of password-associated problems. How do we manage to remember all the different combinations that give us access to our vital information or services? To add to this, when thinking of a PIN code, do you typically remember the specific numbers, or do your fingers automatically follow a pattern? With the associated complexity expectations for passwords constantly developing, users are finding it increasingly difficult to manage their various accounts while remaining secure.