Maze Ransomware operators hacked the Xerox Corporation

From securityaffairs.co

Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. The company did not disclose the cyberattack, but the Maze ransomware operators published screenshots showing that a Xerox domain has been encrypted. One screenshot shows that hosts on “eu.xerox.net,” managed by Xerox Corporation, were hacked. Another screenshot shows that the ransomware operators were in the Xerox network until June 25th, 2020.

Read more…

Microsoft releases emergency security update to fix two bugs in Windows codecs

From zdnet.com

Microsoft published two out-of-band security updates on Tuesday to patch two vulnerabilities in the Microsoft Windows Codecs Library. Tracked as CVE-2020-1425 and CVE-2020-1457, the two bugs only impact Windows 10 and Windows Server 2019 distributions. In security advisories published today, Microsoft said the two security flaws can be exploited with the help of a specially crafted image file.

Read more…

New EvilQuest ransomware discovered targeting macOS users

From zdnet.com

Security researchers this week discovered a new ransomware strain targeting macOS users. Named OSX.EvilQuest, this ransomware differs from previous macOS ransomware threats because, besides encrypting the victim’s files, EvilQuest also installs a keylogger and a reverse shell, and steals cryptocurrency wallet-related files from infected hosts. “Armed with these capabilities, the attacker can maintain full control over an infected host,” said Patrick Wardle, Principal Security Researcher at Jamf. This means that even if victims paid, the attacker would still have access to their computer and could continue to steal files and keystrokes.

Read more…

StrongPity APT – Revealing Trojanized Tools, Working Hours and Infrastructure

From labs.bitdefender.com

Bitdefender researchers have recently found that the APT group StrongPity has been targeting victims in Turkey and Syria. Using watering hole tactics to selectively infect victims and deploying a three-tier C&C infrastructure to thwart forensic investigations, the APT group leveraged Trojanized popular tools, such as archivers, file recovery applications, remote connection applications, utilities, and even security software, to cover a wide range of options that targeted victims might be seeking.

Read more…