A new malware sold on dark web forums is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, and EA Origin. [...]

State-sponsored hackers affiliated with Russia are behind a new series of intrusions using a previously undocumented implant to compromise systems in the U.S., Germany, and Afghanistan. Cisco Talos attributed the attacks to the Turla advanced persistent threat (APT) group, coining the malware "TinyTurla" for its limited functionality and efficient coding style that allows it to go undetected.

A malicious Firefox add-on named "Safepal Wallet" lived on the Mozilla add-ons site for seven months and scammed users by emptying out their wallets. Safepal is a cryptocurrency wallet application capable of securely storing a variety of crypto assets, including Bitcoin, Ethereum, and Litecoin. [...]

The operators behind the BlackRock mobile malware have surfaced back with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research. "The new trojan already has active distribution campaigns and is targeting 378 banking and wallet apps with overlays," ThreatFabric's CEO Cengiz Han Sahin said in an emailed

DMARC is a global standard for email authentication. It allows senders to verify that the email really comes from whom it claims to come from. This helps curb spam and phishing attacks, which are among the most prevalent cybercrimes of today. Gmail, Yahoo, and many other large email providers have implemented DMARC and praised its benefits in recent years. If your company's domain name is

In addition to the new Start Menu and taskbar design overhauls, Windows 11 also comes with a new File Explorer and Settings app. [...]

Microsoft announced that Basic Authentication will be turned off for all protocols in all tenants starting October 1st, 2022, to protect millions of Exchange Online users. [...]

Cybersecurity researchers have charted the evolution of Jupyter, a .NET infostealer known for singling out healthcare and education sectors, which make it exceptional at defeating most endpoint security scanning solutions. The new delivery chain, spotted by Morphisec on September 8, underscores that the malware has not just continued to remain active but also showcases "how threat actors

Microsoft has released an emergency fix for freezing and crashing app issues caused by September's KB5005565  and KB5005101 cumulative updates. [...]

Security researchers have found a flaw in the Microsoft Windows Platform Binary Table (WPBT) that could be exploited in easy attacks to install rootkits on all Windows computers shipped since 2012. [...]

This week, threat actors hijacked Bitcoin.org, the authentic website of the Bitcoin project, and altered parts of the website to push a cryptocurrency giveaway scam that unfortunately some users fell for. Although the hack lasted for less than a day, hackers seem to have walked away with a little over $17,000. [...]

This week's biggest news is the USA sanctioning a crypto exchange used by ransomware gangs to convert cryptocurrency into fiat currency. By targeting rogue exchanges, the US government is hoping to disrupt ransomware's payment system. [...]

​California-based United Health Centers suffered a ransomware attack that reportedly disrupted all of their locations and resulted in patient data theft. [...]

Google has apologized for a wave of emails warning Google Cloud Platform, Firebase, or API customers that their accounts may be suspended for a past due balance. [...]

Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it. [...]

Google has released Chrome 94.0.4606.61 for Windows, Mac, and Linux, an emergency update addressing a high-severity zero-day vulnerability exploited in the wild. [...]

ESET unmasks FamousSparrow APT group – Stopping cloud data leaks – European cybercrime ring busted

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a page to show another page as an inset and "perform a seamless transition to a new state, where the

Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access (SMA) 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely. Tracked as CVE-2021-20034, the arbitrary file deletion flaw is rated 9.1 out of a maximum of 10 on the CVSS scoring system, and could allow an