Click Studios, maker of the Passwordstate enterprise password manager, has notified customers that attackers breached its networks and compromised the app’s update mechanism to deliver malware in a supply-chain attack. A security researcher notes that Click Studios’ notification email to customers states that malicious upgrades were potentially downloaded by customers between April 20 and April 22. Users are warned to reset their passwords.
Author: ISBuzz Team
On April 25th, law enforcement officials in the Netherlands delivered an Emotet update that removed the malware from all infected computers. The update was made possible after law enforcement agencies from across eight countries orchestrated a coordinated takedown in January to seize servers and arrest individuals behind Emotet, considered by many to be today’s largest malware botnet.
Apple’s AirDrop is reported to be leaking users’ PII. Every time someone opens a sharing panel in either macOS or iOS, they’re leaking hashes that, at a minimum, disclose their phone numbers and likely their email addresses, too. And in some cases, just having AirDrop enabled at all may be enough to leak these details. For now, the only way to prevent the leakage is to set AirDrop discovery to “no one” in the system settings menu and to also refrain from opening the sharing pane. Apple has known of the flaw since 2019 but has yet to acknowledge or…
A new study into cybercrime reveals the most common types of cybercrime across the UK and the areas with the highest rates. The data shows a 19.1% increase in overall UK cybercrime levels between January 2020 and January 2021. During the coronavirus pandemic, the UK has seen a cybercrime increase of 19.1%. ESET, a global leader in cybersecurity, has conducted a study to reveal the UK areas with the highest rates of cybercrime, the areas where cybercrime is rising most rapidly and the most common types of cybercrime. The UK areas with the highest rate of cybercrime: Rank Police Force Total Number…
BACKGROUND: As reported by Sky News, Russian hackers breached Washington DC police department’s database and have threatened to share information with criminal gangs unless it pays an unspecified ransom. A Russian-speaking ransomware syndicate has claimed to have stolen sensitive data, including on informants, the police force said. The cybercriminals posted screenshots on their dark web site supporting their claim to have stolen more than 250 gigabytes of data. Details of the hack were revealed by the DC police department on Monday, which has asked the FBI to investigate the “unauthorised access” to its computer network. There was no indication that any…
In a recent blog post, Google has reportedly said that it banned 119,000 app developer accounts in 2020 and used machine learning security solutions to prevent over 962,000 malicious apps from getting onto the Play Store.
Recently it was reported that ransomware groups are continuing to seek out new avenues to rake in profits and ratchet up pressure on victims. The DarkSide ransomware group is openly coaxing stock traders to reach out and receive the inside scoop on the gang’s latest corporate victims, so they can short sell their stock before any data is leaked and the news goes public.
GuidePoint Security researchers report that the Mount Locker ransomware has stepped up its counter-IR capabilities, hindering efforts for detection, response, and investigation. The group is using more sophisticated scripting, may be rebranding as “Astro Locker,” and has added new security evasion features. GuidePoint indicates that campaigns may be targeting biotech and healthcare-adjacent industries. An expert with Veridium offers perspective.
As reported by Motherboard, a pair of bugs in John Deere’s apps and website could have allowed hackers to find and download the personal data of all owners of the company’s farming vehicles and equipment, according to a security researcher who found the vulnerabilities. There is no evidence that hackers exploited these flaws. The researcher, who goes by Sick Codes, reported them to John Deere on April 12 and 13 and the company fixed one of the bugs just three days later. The company fixed the second bug on Wednesday, according to the researcher. Before the fixes, the vulnerabilities, if…
Security researchers have discovered that a persistent cryptocurrency mining botnet is exploiting still-unpatched Microsoft Exchange servers to grow globally. Dubbed “Prometei,” the botnet was first reported on in July 2020 and is thought to have been around since 2016, according to Cybereason Nocturnus. However, the research team found a new development in that the threat actors behind it have been exploiting Microsoft Exchange vulnerabilities CVE-2021-27065 and CVE-2021-26858 to penetrate victim networks, steal credentials and install malware. These bugs are part of the four zero-days patched by Microsoft back in March after being exploited by Chinese APT group Hafnium.