Troy Hunt

NOVEMBER 22, 2018

All that and more in this week's update. It's a no-blog week, but that doesn't mean any less is happening! This week, I've finally wrapped up the Lego Bugatti, got myself into the new iPad, connected my washing machine (I know, I know, I didn't plan it this way!) and then isolated it on a separate IoT network. What a time we live in.

IoT 170

IoT 170

Malwarebytes

NOVEMBER 16, 2021

Not only had the infrastructure been dismantled, but previously infected computers had received a special update that would effectively remove the malware at a specific date. Out of the woods again. On November 15, security researchers who’ve tracked Emotet announced that the threat was back. A return of malspam waves and ransomware?

InfoSec 87

InfoSec Ransomware Malware 87

eSecurity Planet

MARCH 25, 2024

Vulnerability updates also play an important role in revealing vendor transparency or lack thereof. While the vulnerability was uncovered last August, Fortra updated its advisory last week, explaining that the CVE had been issued months later because the person who reported the vulnerability requested that it be issued.

Computers and Electronics 62

Computers and Electronics Software Accountability Authentication 62

Security Affairs

APRIL 13, 2021

Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the NSA. All the vulnerabilities are remote code execution that could allow attacks to compromise vulnerable installs, for this reason, the IT giant urges its customers to install the latest updates.

Cybersecurity 63

Cybersecurity Hacking Information Security Malware 63

Malwarebytes

JANUARY 10, 2023

In the first half of 2022 alone , the education sector saw an average of almost 2,000 attacks every week—a 114% increase compared to two years ago. Over the years, cyberattacks on K-12 schools and districts have steadily increased, and in 2022 that trend only continued.

Cybersecurity 66

Cybersecurity Education Ransomware Government 66

Security Boulevard

JUNE 15, 2023

On May 20, the Mystic Stealer seller posted updates that include loader functionality and a persistence capability to forums as shown in Figure 1. update with loader support As previously noted, there are several anti-analysis and evasion features additionally present in Mystic Stealer: Binary expiration.

Cryptocurrency 52

Cryptocurrency Password Management Malware DNS 52

SecureList

JANUARY 20, 2022

As a safety measure against this attack and similar ones, it is recommended to update the UEFI firmware regularly and verify that BootGuard, where applicable, is enabled. 114 – Go malware. Scheduling code used in MoonBounce’s user-mode stager. Domains and IPs. mb.glbaitech[.]com com – MoonBounce. ns.glbaitech[.]com

Firmware 145

Firmware Malware Encryption Passwords 145