Raccoon stealer-as-a-service now targets cryptocurrency wallets
Previously, the malware was mainly spread through spam emails, but in a recent campaign Raccoon has been delivered via cracked software.
Over the past few years, numerous attacks were observed targeting misconfigured Kubernetes installs.
Besides its traditional bot and mining activities, the malware comes with a variety of functionalities allowing it to steal credentials, remove security controls, spread via emails, move laterally, etc.
The attacks involved the exploitation of Microsoft Exchange Server vulnerabilities, the deployment of the China Chopper web shell, and the use of Mimikatz to collect credentials.
The official website for booking COVID-19 vaccinations was unavailable for several hours on Sunday, preventing citizens from booking appointments for a coronavirus vaccine.
Dubbed GhostEmperor, the threat actor has been observed using a never-before-seen Windows kernel-mode rootkit.
Researchers discovered more than 30 command-and-control servers under control of APT29 that were delivering WellMess.
The hackers are believed to have had access to compromised accounts from approximately May 7 to December 27, 2020.
The agency advises avoiding connections to public Wi-Fi and using a corporate or personal Wi-Fi hotspot with strong authentication and encryption whenever possible.
The attackers claim they encrypted the company’s files, including 1TB of personal data, financial reports and other documents.