An apparent tweet from the Anonymous hacking group is claiming credit for perpetrating a cyberattack on the Atlanta police department web site, stating that the act was retaliation for the June 12 fatal police shooting of Rayshard Brooks. “Atlanta police officers involved in fatal shooting of Rayshard Brooks. @Atlanta_Police has been taken #Offline” states a…
By malware standards, the banking trojan Qbot is long in the tooth, but it still has some bite, according to researchers who say it has added some detection and research evasion techniques to its arsenal. “It has a new packing layer that scrambles and hides the code from scanners and signature-based tools,” wrote Doron Voolf,…
A malware campaign is abusing the popular machine-learning (ML) framework Kubeflow in order to target Kubernetes clusters with a crypto miner, Microsoft’s Azure Security Center (ASC) warns. Tens of clusters running on the Kubernetes open-source container orchestration system have already been impacted, the ASC notes in a blog post published this week. “Nodes that are…
Scammers often craft social engineering schemes around major crises and news events, as demonstrated by the wealth of coronavirus-themed phishing campaigns seen this year. Now, as massive U.S. and global protests continue following the May 25 killing of George Floyd at the hands of a Minneapolis police officer, a new phishing operation is attempting to…
Researchers say that a new ransomware builder tool named after the super-villain Thanos — made available for sale on dark web forums — is the first to strategically use RIPlace, a Microsoft Windows file system technique that’s known to bypass antivirus protections and endpoint detection and response solutions. The implementation of RIPlace, combined with the…
Shortly after the Maze ransomware gang teased that another threat actor would be joining its newly formed cybercrime cartel, the group has appeared to welcome the Ragnar Locker group into the fold. Maze announced a new victim on its data dump website — in this case, a marketing agency — but credited the Ragnar Locker…
Billions of Internet of Things and Local Area Network devices that rely on the Universal Plug and Play (UPnP) protocol for discovery of and interaction with other devices are vulnerable to “CallStranger,” a bug that can be exploited to exfiltrate data, launch a denial of service attack or scan ports. The Windows 10 operating system,…
Functioning point-of-concept exploit code now exists for the highly critical “SMBGhost” bug that Microsoft last March patched in its Server Message Block 3.1.1 (SMBv3) protocol, and attackers are taking advantage, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned, citing open-source reports. Designated CVE-2020-0796 and also known as EternalDarkness, the bug can result in…
A pair of Android barcode reader apps that were downloaded more than 1 million times were found to contain ad fraud malware that tries to stay hidden by generating advertisements that instantly disappear from view. The malware, detected as AndroidOS_HiddenAd.HRXJA, can operate in the background even when infected devices aren’t actively being used, and it…
Google this week introduced multiple security fixes for the desktop edition of its Chrome browser and Mozilla has also done the same for Firefox and Firefox Extended Support Release. Google’s stable channel update to version 83.0.4103.97 for Windows, Mac, and Linux has patched six bugs, four of which were rated high in severity. The most…
