Bradley Barth SC Media | Page 2 of 72

Bradley Barth

Senior Reporter

Most recent articles by Bradley Barth

FBI warns of COVID-19 phishing scams promising stimulus checks, vaccines

The FBI’s Internet Crime Complaint Center (IC3) has issued a public service announcement warning citizens to watch out for email-based fraud and malware schemes that take advantage of the coronavirus pandemic. Among the scams to look out for are emails purporting to contain helpful information from the Centers for Disease Control and Prevention (CDC) and…

Maze ransomware attackers extort vaccine testing facility

The cybercriminal gang behind Maze ransomware has been extorting a UK-based clinical research organization that’s been preparing to play a potential role in testing vaccine candidates for the novel coronavirus, despite assurances that they would not harm any health care organizations during the COVID-19 crisis. SC Media first reported an attack on the medical center,…

Pwn2Own contest yields 13 bugs, as virtual format expands talent pool

Research teams at the Pwn2Own 2020 competition successfully exploited 13 software vulnerabilities this past week, including bugs found in products from Adobe, Apple, Microsoft, Oracle and Ubuntu. Participants earned $270,000 over the two-day event — the first Pwn2Own ever to be held virtually, as a measure to combat the rapid spread of the novel coronavirus.…

MS13-061 was scrapped after Microsoft became aware that installing it causes problems.

Report: Account takeover and data scraping attacks on e-retailers up as COVID-19 surges

Masses of global citizens have been retreating to their homes and relying on online services to stock up their domiciles during the coronavirus pandemic, and it could be having an influence on cyberattacks against websites. Researchers at application protection company PerimeterX have reported a two-month increase in account takeover attacks against online home goods retailers,…

TrickBot banking trojan introduces RDP brute forcing module

Malicious actors have created a new module for the TrickBot banking trojan that allows the malware to perform brute force attacks on Microsoft’s Remote Desktop Protocol, specifically targeting U.S. and Hong Kong IP addresses. The module, called rdpScanDll, primarily focuses on the telecommunications, education, and financial services sectors, according to a new white paper from…

Some cybercriminals consider laying off health care targets amid COVID-19 crisis

Certain members of the cybercriminal community, including a few malware developers and operators, have reportedly expressed a willingness to avoid attacking health care companies and other organizations that are key to battling the COVID-19 pandemic. Meanwhile, two cyber firms have pledged to offer free services to health care organizations hit by ransomware. BleepingComputer this week…

Report: NutriBullet’s website injected with skimmer three times by Magecart Group 8

Since February, a prominent Magecart cybercriminal group has injected the same Java-based payment card skimmer program not one, not two, but three times into the compromised international website of blender manufacturer NutriBullet, researchers from RiskIQ have reported. Each time a skimmer was removed from nutribullet.com, the criminal actors, known as Magecart Group 8, would reintroduce…

Spyware disguised as COVID-19 tracker app actually keeps track of users

Another malicious actor has weaponized an otherwise legitimate, interactive coronavirus tracking map created by Johns Hopkins University — this time to deliver Android spyware as part of a campaign that originates out of Libya and seemingly targets individuals within that country. The surveillanceware, known as SpyMax, comes packaged in a trojanized application named “corona live…

COVID-19 decoy doc, Cloudflare service used to spread ‘BlackWater’ malware

Researchers have uncovered a new malware campaign that uses the COVID-19 pandemic as a lure, and also abuses platform-as-a-service web infrastructure tools to apparently thwart attempts at blocking command-and-control communications. Dubbed BlackWater, the backdoor malware specifically takes advantage of Cloudflare Workers — an offering of Cloudflare, a popular provider of website operators with content delivery…

VMware advisory warns users to patch critical issue in product

VMware squashes critical code execution bug in hypervisors

VMware has updated its Workstation hosted hypervisor and Fusion software hypervisor, fixing a critical vulnerability that could be exploited to trigger arbitrary code execution or a denial of service condition. The virtualization and cloud computing software provider company also fixed two important privilege escalation flaws spread out between four of its products. Designated CVE-2020-3947, the most critical…
