In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 30, 2020 – […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Coronavirus-themed attacks March 22 â March 28, 2020 FIN7 hackers target enterprises with weaponized USB drives via USPS Source code of Dharma ransomware now surfacing on public hacking forums Crooks leverage Zooms popularity in Coronavirus outbreak to serve […]
Researchers spotted a new Coronavirus-themed attack, the messages pretend to be sent from the World Health Organization to deliver Lokibot infostealer. Security experts at FortiGuard Labs discovered a new Coronavirus-themed campaign using alleged messages from the World Health Organization (WHO) to deliver the LokiBot trojan. The campaign was uncovered on March 27 when the researchers […]
Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. Microsoft shared details of the Emotet attack suffered by an organization named Fabrikam in the Microsoft’s Detection and Response Team (DART) Case Report 002, where Fabrikam is a fake name the IT giant […]
Experts revealed that an unauthorized party compromised more than 200 million user records hosted somewhere within the U.S. in a Google Cloud database. Many people are now so accustomed to cloud computing that they use it multiple times per day, whether to collaborate with co-workers, log into email accounts or do other everyday tasks. The convenience is […]
RiskIQ researchers spotted a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites. Researchers from security firm RiskIQ have uncovered a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites to steal customers’ payment card data. The experts discovered a new software skimmer, dubbed “MakeFrame,” that injects […]
Twitter discloses a privacy issue in the way the Mozilla Firefox cached private files sent or received via DM for up to 7 days. Twitter admitted that the private files sent via Twitter DMs were cached inside the users’ Firefox browsers for up to seven days, even if users have logged off. The problem is […]
An authenticated stored cross-site scripting (XSS) vulnerability could allow attackers to create rogue admins on WordPress sites using Contact Form 7 Datepicker plugin. Administrators of WordPress sites using the Contact Form 7 Datepicker plugin are recommended to remove or deactivate it to prevent attackers from exploiting a stored cross-site scripting (XSS) vulnerability to create rogue […]
An APT group is exploiting the flaws patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. An APT group is exploiting two vulnerabilities patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. The first issue, tracked as CVE-2019-17026, affects the Firefox […]
A recently discovered strain of malware exploits the current COVID19 pandemic to render computers unusable by overwriting the MBR. SonicWallâs security researchers have discovered a new piece of malware that exploits the current COVID19 outbreak to render computers unusable by overwriting the master boot record (MBR). Unfortunately, this is one of the numerous attacks conducted by […]