Mon.May 30, 2022

article thumbnail

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

It’s no secret that cybersecurity roles are in high demand. Today there are more than 500,000 open cybersecurity roles in the U.S., leaving organizations vulnerable to cyber threats. Related: Deploying employees as threat sensors. Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. These individuals have many transferable skills that would make cybersecurity a prosperous civilian career.

article thumbnail

Multiple Microsoft Office versions impacted by an actively exploited zero-day

Security Affairs

A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems. The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) that was uploaded to VirusTotal from Belarus. The document uses the remote template feature to fetch an HTML and then uses the “ms-msdt” scheme to execute PowerShell code.

Hacking 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New Microsoft Office zero-day used in attacks to execute PowerShell

Bleeping Computer

Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute malicious PowerShell commands via Microsoft Diagnostic Tool (MSDT) simply by opening a Word document. [.].

145
145
article thumbnail

Follina. Unpatched Microsoft Office zero-day vulnerability exploited in the wild

Graham Cluley

The world is waiting for a patch from Microsoft, after a zero-day vulnerability in Microsoft Office was found to be being exploited in boobytrapped Word documents to remotely execute code on victims' PCs.

Malware 145
article thumbnail

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

article thumbnail

A new WhatsApp OTP scam could allow the hijacking of users’ accounts

Security Affairs

Experts warn of a new ongoing WhatsApp OTP scam that could allow attackers to hijack users’ accounts through phone calls. Recently CloudSEK founder Rahul Sasi warned of an ongoing WhatsApp OTP scam that could allow threat actors to hijack users’ accounts through phone calls. The fraudulent scheme is simple, threat actors make a phone call to the victims to trick them into making a call at a phone number starting either with 405 or 67.

Scams 145
article thumbnail

Intuit phish says “we have put a temporary hold on your account”

Malwarebytes

Intuit released a warning about a phishing email being sent to its customers. The phishing emails tell recipients that their account has been put on hold, and try to trick users into “validating their account” to release it again. Intuit. Intuit Inc. is an American business software company that specializes in financial software. Intuit’s products include the tax preparation application TurboTax, personal finance app Mint, the small business accounting program QuickBooks, the credit monito

Phishing 142

LifeWorks

More Trending

article thumbnail

Linux malware is on the rise—6 types of attacks to look for

CSO Magazine

Linux is a coveted target. It is the host operating system for numerous application backends and servers and powers a wide variety of internet of things (IoT) devices. Still, not enough is done to protect the machines running it. "Linux malware has been massively overlooked," says Giovanni Vigna, senior director of threat intelligence at VMware. "Since most of the cloud hosts run Linux, being able to compromise Linux-based platforms allows the attacker to access an enormous amount of resources o

Malware 138
article thumbnail

Three Nigerian men arrested in INTERPOL Operation Killer Bee

Security Affairs

Interpol arrested three Nigerian men in Lagos, who are suspected of using the Agent Tesla RAT to reroute financial transactions and steal sensitive data. Interpol arrested 3 Nigerian men in Lagos, as part of an international operation codenamed Killer Bee. The three men are suspected of using the Agent Tesla RAT to reroute financial transactions and steal confidential details from corporate organizations.

article thumbnail

Mysterious “Follina” zero-day hole in Office – what to do?

Naked Security

News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!

137
137
article thumbnail

Microsoft Office zero-day “Follina”—it’s not a bug, it’s a feature! (It’s a bug)

Malwarebytes

Several researchers have come across a novel attack that circumvents Microsoft’s Protected View and anti-malware detection. The attack vector uses the Word remote template feature to retrieve an HTML file from a remote webserver. It goes on to use the ms-msdt protocol URI scheme to load some code, and then execute some PowerShell. All of the above methods are features, but if we tell you that put together this allows an attacker to remotely run code on your system by tricking you into clic

article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

Italy warns organizations to brace for incoming DDoS attacks

Bleeping Computer

The Computer Security Incident Response Team in Italy issued an urgent alert yesterday to raise awareness about the high risk of cyberattacks against national bodies and organizations on Monday. [.].

DDOS 137
article thumbnail

Beware the Smish! Home delivery scams with a professional feel…

Naked Security

Home delivery scams are getting leaner, and meaner, and more likely to "look about right". Here's an example to show you what we mean.

Scams 137
article thumbnail

Vodafone plans carrier-level user tracking for targeted ads

Bleeping Computer

Vodafone is piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider (ISP) level. [.].

article thumbnail

Verizon’s 2022 data breach report: Key takeaways

Security Boulevard

It’s time for the annual Verizon Data Breach Investigation Report (DBIR), a compendium of cybersecurity and malware trends that offers some of the best analyses in our field. It examines more than 5,000 data breaches collected from 80 partners from around the world. If you'd like to explore the report from previous years, we’ve also written up summaries of the 2021 and 2020 reports.

article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

Double-whammy attack follows fake Covid alert with a bogus bank call

Malwarebytes

The BBC has revealed details of how a food bank in the UK was conned out of about $63,000 (£50,000) by scammers who used two separate attacks to fleece their victims. A food bank is a way for people to ensure they don’t starve. They are a backstop during times of economic uncertainty, and have been hugely important during the pandemic. An attack on a food bank is an attack on the most vulnerable that’s likely to have a significant impact on a community, and which could have a terribl

Banking 132
article thumbnail

Keeping it real: Don’t fall for lies about the war

We Live Security

Falsehoods about the war in Ukraine come in all shapes and sizes – here are a few examples of what’s in the fake news. The post Keeping it real: Don’t fall for lies about the war appeared first on WeLiveSecurity.

131
131
article thumbnail

US Universities credentials published on dark web

CyberSecurity Insiders

The Federal Bureau of Investigation, aka FBI, has issued a notification that student credentials from many renowned colleges and universities operating in the US were up for sale on the dark web and some public domains. According to the report, the data was dumped in January 2022 on a Russian criminal forum and was being sold single digit figure in thousands of US Dollars.

Phishing 131
article thumbnail

GoodWill Ransomware victims have to perform socially driven activities to decryption their data

Security Affairs

Researchers discovered a new ransomware family called GoodWill that asks victims to donate the ransom for social causes. CloudSEK ’s Threat Intelligence Research team has disclosed a new ransomware strain called GoodWill, that demands victims the payment of a ransom through donations for social causes and financially helping people in need. “The ransomware group propagates very unusual demands in exchange for the decryption key.

article thumbnail

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

article thumbnail

How Costa Rica found itself at war over ransomware

CSO Magazine

Costa Rica’s newly-elected president has declared a national state of emergency , as its ongoing crisis costs the nation an estimated USD $38 million a day. Perhaps in a different time, we would assumed the country had been struck by a devasting natural disaster or was struggling with some internal conflict—but times have changed. Costa Rica has been struck not by an earthquake or a bomb or a strike, but by a new national crisis: cybercrime.

article thumbnail

EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities

The Hacker News

A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems (CMS). "The malware is rapidly adopting one-day vulnerabilities as part of its exploitation capabilities," AT&T Alien Labs said in a technical write-up published last week.

Malware 128
article thumbnail

Three Nigerians arrested for malware-assisted financial crimes

Bleeping Computer

Interpol has announced the arrest of three Nigerian men in Lagos, who are suspected of using remote access trojans (RATs) to reroute financial transactions and steal account credentials. [.].

Malware 120
article thumbnail

Watch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild

The Hacker News

Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems. The vulnerability came to light after an independent cybersecurity research team known as nao_sec uncovered a Word document ("05-2022-0438.doc") that was uploaded to VirusTotal from an IP address in Belarus.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

As Malware Dissemination Drops, Mobile Trojan Detections Grow.

Heimadal Security

Probably one of the most notorious terms in cyber security, a Trojan is a type of malware that acts according to the Greek legend: it camouflages itself as a legitimate file or program to trick unsuspecting users into installing it on their PCs. Upon doing this, users will unknowingly give unauthorized, remote access to the […]. The post As Malware Dissemination Drops, Mobile Trojan Detections Grow. appeared first on Heimdal Security Blog.

Mobile 119
article thumbnail

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

Security Boulevard

It’s no secret that cybersecurity roles are in high demand. Today there are more than 500,000 open cybersecurity roles in the U.S., leaving organizations vulnerable to cyber threats. Related: Deploying employees as threat sensors. Meanwhile, 200,000 well-trained and technically skilled … (more…). The post GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles appeared first on Security Boulevard.

article thumbnail

Clop Ransomware Has Returned and Is Busier than Ever

Heimadal Security

NCC Group security experts said that the Clop ransomware gang has returned following the shutting down of their entire operation for four months between November and February. CL0P had an explosive and unexpected return to the forefront of the ransomware threat landscape, jumping from the least active threat actor in March to the fourth most […].

article thumbnail

Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks

The Hacker News

Interpol on Monday announced the arrest of three suspected global scammers in Nigeria for using remote access trojans (RATs) such as Agent Tesla to facilitate malware-enabled cyber fraud.

Malware 115
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

6 Steps to Ensure Cyber Resilience

Dark Reading

To minimize the impact of cyber incidents, organizations must be pragmatic and develop a strategy of resilience for dealing with break-ins, advanced malware, and data theft.

Malware 112
article thumbnail

The Open Source Software Security Mobilization Plan: Takeaways for security leaders

CSO Magazine

The Linux Foundation and the Open Source Security Foundation (OpenSSF) have introduced the Open Source Software Security Mobilization Plan. This is in response to attacks on the software supply chain and an uptick in interest in securing them. Supply chains are appealing targets to malicious actors because they can compromise a single point and have a cascading impact across the ecosystem of customers, as the SolarWinds and Log4j attacks have shown.

Mobile 111
article thumbnail

Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack

Threatpost

Malware loads itself from remote servers and bypasses Microsoft's Defender AV scanner, according to reports.

Malware 109
article thumbnail

A week in security (May 23 – 29)

Malwarebytes

Last week on Malwarebytes Labs: Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers Chicago students lose data to ransomware attackers Hunting down your data with Whitney Merrill: Lock and Code S03E11 Unknown APT group has targeted Russia repeatedly since Ukraine invasion Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware General Motors suffers credential stuffing attack Instagram verification services: what are the dangers?

DNS 107
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!