Feds: Iran Behind ‘Proud Boys’ Email Attacks on Democratic Voters
Messages that threaten people to ‘vote for Trump or else’ are part of foreign adversaries’ attempts to interfere with the Nov. 3 election, according to feds.
On the trail of the XMRig miner
As protection methods improve, the developers of miners have had to enhance their own creations, often turning to non-trivial solutions. Several such solutions (previously unseen by us) were detected during our analysis of the open source miner XMRig. How it all began: ransominer Alongside well-known groups that make money from data theft and ransomware (for…
Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks
The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities.
Cisco Warns of Severe DoS Flaws in Network Security Software
The majority of the bugs in Cisco’s Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) software can enable denial of service (DoS) on affected devices.
Oracle Kills 402 Bugs in Massive October Patch Update
Over half of Oracle’s flaws in its quarterly patch update can be remotely exploitable without authentication; 65 are critical, and two have CVSS scores of 10 out of 10.
Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data
The ransomware gang claims to have bought network access to the bookseller’s systems before encrypting the networks and stealing “financial and audit data.”
Cybercriminals Step Up Their Game Ahead of U.S. Elections
Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns – but this time, social media giants, the government and citizens are more prepared.
Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser
The memory-corruption vulnerability exists in the browser’s FreeType font rendering library.
Life of Maze ransomware
In the past year, Maze ransomware has become one of the most notorious malware families threatening businesses and large organizations. Dozens of organizations have fallen victim to this vile malware, including LG, Southwire, and the City of Pensacola. The history of this ransomware began in the first half of 2019, and back then it didn’t…
New in TDR 5.9.0: User-Based ThreatSync Services
New in TDR 5.9.0: User-Based ThreatSync Services rarroyo Tue, 10/20/2020 – 05:43 Categories: Network Security We are excited to announce that Threat Detection and Response has a new feature to try – user-based ThreatSync services. Have you ever stared at your ThreatSync dashboard and wondered who continues to download and run that malicious file? You…