Bizarro banking trojan targets European and South American banking customers
A banking trojan dubbed “Bizarro” that originated from Brazil has now targeted customers of 70 banks in Europe and South America.
Cybersecurity Attacks
Pipeline ransomware attack shuts down 45% of East Coast’s fuel (US passes emergency waiver, systems restarted) – updated
A ransomware attack has crippled the largest U.S. pipeline operator, Colonial Pipeline, shutting down 45% of the East Coast’s supply of fuel. As a result, USDOT issued an emergency waiver to allow easier transports of fuel by truck in those states affected. Colonial also issued a new statement confirming pipeline systems have been restarted.
Threat actors use FiveHands Ransomware and SombRAT in new cyberattack
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new report on FiveHands ransomware, SombRAT and a publicly available network scanner used in a cyberattack against an organization.
Alert: Attackers exploiting Pulse Connect Secure vulnerabilities (updated)
CISA warned attackers continue to exploit Pulse Connect Secure vulnerabilities. The alert was issued after CISA confirmed malicious activity on public and private entity networks. Additional detection methods were also added on April 30.
“BadAlloc” vulnerabilities impact broad range of IoT and OT devices
Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed “BadAlloc” that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.
New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long term compromise of an entity’s network and SolarWinds systems.
Alert: Qlocker and eCh0raix ransomware attacks against QNAP NAS devices
QNAP Systems, Inc. (QNAP) issued a statement strongly urging users to immediately update and run malware scans on QNAP NAS devices after recent reports of ransomware attacks involving Qlocker and eCh0raix.
Botnet malware targets Linux systems and cloud management tools
Security researchers have spotted Tor-based botnet malware that targets Linux systems and cloud management tools to spread malware on victims’ networks.
FBI removes malicious web shells from hundreds of compromised Microsoft Exchange servers
The U.S. Department of Justice (DOJ) authorized the FBI to remove malicious web shells from hundreds of compromised and vulnerable Microsoft Exchange servers.
XCSSET malware now targets Apple’s macOS 11 and M1-based Macs
Security researchers have revealed new research regarding XCSSET that now targets Apple’s macOS 11 and M1-based Macs. XCSSET had historically targeted Xcode projects to deliver malicious payloads.