Emotet malware campaign warning
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has warned of an ongoing and widespread phishing campaign designed to spread Emotet malware throughout Australia.
Cyber security malware threats.
Divergent “fileless” NodeJS malware used for click-fraud
Attackers are using a "fileless" malware dubbed Divergent to generate revenue via click-fraud. Divergent further uses NodeJS and a WinDivert utlility to facilitate the malware attack.
Tortoiseshell targets US veterans with fake website used to download malware
A cyber attack group dubbed "Tortoiseshell" has deployed a fake website posing as a site to help U.S. military veterans find jobs. The website is then used to download malware to visitors' systems.
TFlower ransomware targets companies via exposed RDS
A new ransomware dubbed TFlower has been targeting corporate environments via exposed remote desktop services (RDS).
Watchbog targets unpatched systems
Security experts have uncovered an incident that involved the Watchbog cryptomining botnet. Attackers exploited CVE-2018-1000861 to establish a foothold on the victim's network and install Watchbog malware on unpatched systems.
iOS exploit chains discovered in the wild
A group of hackers have been using compromised websites to launch watering hole attacks against iPhone users who visit the websites. The attacks also use five different exploit chains and exploit 0-day vulnerabilities that don't require any user interaction.
Joint effort neutralizes Retadup worm that infected 850k systems
A joint effort between security firm Avast and a French cybercrime unit C3N has taken down a malicious worm dubbed Retadup that has affected thousands of machines.
Backdoor discovered in Webmin, a popular Unix utility
A security researcher discovered a backdoor in the popular web-based utility used to remotely manage Unix-based servers, to include Linux, FreeBSD and OpenBSD systems.
23 Texas towns hit in coordinated ransomware attack
The Texas Department of Information Resources (DIR) has confirmed late Friday that 23 towns across Texas were victims of a coordinated ransomware attack.
Microsoft August 2019 Security Updates
Microsoft issued the August 2019 Security Updates on Tuesday that include 93 unique vulnerability fixes, 29 of those rated critical. In addition, two of the patches address two critical Remote Code Execution (RCE) "wormable" vulnerabilities (CVE-2019-1181 and CVE-2019-1182) in Remote Desktop Services.