Microsoft’s Kubernetes Threat Matrix: Here’s What’s Missing

From darkreading.com

The MITRE ATT&CK threat matrix is a valuable tool for security professionals to understand the various tactics and techniques employed by adversaries to exploit software and networks, from initial access to impact. The matrix covers the various stages commonly involved in a cyberattack, and the tactics exploited by attackers in each stage. Organizations can use the matrix to understand their attack surface and make sure they cover all their bases.

Ransom, bribery and the darknet – Why cyber criminals are shifting their modus operandi

From itproportal.com

27-year-old Egor Igorevich Kriuchkov believed that he had his next victim in sight. Arriving in the US in July 2020 – despite the Coronavirus pandemic – he began communicating with an employee of a business via WhatsApp. Kriuchkov had a simple proposition. In exchange for the employee inserting a USB stick infected with ransomware into his company’s computer systems, Kriuchkov would pay an initial $500,000, followed by an additional $1 million once the attack was successful. Unfortunately for Kriuchkov, the employee spilled the beans and the FBI soon arrested the Russian national.

Leakthemall ransomware is a newly discovered virus that will change your file names to .crypt, .montana or .beijing

From 2-spyware.com

LeakTheMall ransomware (aka LeakThemAll) is a data-locking virus that was first discovered by cybersecurity researcher Amigo-A.[1] If your computer gets infected by this malware, your data will be encrypted and given a “.crypt,” “.montana,” or “.beijing” extension. For example, “a.pdf” would become “a.pdf.crypt,” and “b.pdf” would become “b.pdf.crypt,” and exactly the same renaming applies to the Montana virus and Beijing virus, which apply the .montana and .beijing extensions accordingly.

The new KashmirBlack botnet has infected hundreds of thousands of websites

From en.secnews.gr

A highly sophisticated botnet is believed to have infected hundreds of thousands of websites by attacking content management system (CMS) platforms.

Named KashmirBlack, the botnet started operating in November 2019.

Imperva security researchers – who analyzed the botnet last week – said that the primary purpose of the botnet seems to be to infect websites and then use their servers for cryptocurrency mining, redirecting a site’s traffic to spam pages and, to a lesser extent, carrying out “web defacements”.

Imperva said the botnet started small, but after months of continuous development, it has grown into an advanced behemoth capable of attacking thousands of websites a day.

SmashTab is the extension that changes default search engine and bookmarks on the browser without permission

From 2-spyware.com

SmashTab is a toolbar that is considered a browser hijacker because it affects every online search by delivering sponsored content in the results. The application can be promoted as a great tool and a useful addition to your web browser, but it manipulates settings, so every browsing session turns into redirects with commercial content and sponsored pop-ups. If you install this toolbar yourself, you agree to those changes and other alterations that the program can make automatically. It is possible to fall for the false claims and add the extension on purpose, but the main way this intruder spreads is software bundling.

Ransomware attack disabled Georgia County Election database

From securityaffairs.co

A ransomware attack recently hit a Georgia county government and reportedly disabled a database used to verify voter signatures.

A ransomware attack hit a Georgia county government early this month and disabled a database used to verify voter signatures in the authentication of absentee ballots. It is a common process to validate absentee ballots sent by mail by analyzing signatures.

The media pointed out that this is the first reported case of a ransomware attack against a system used in the upcoming 2020 Presidential election.
