Posts

Top stories

All You Need to Know About Emotet in 2022
For 6 months, the infamous Emotet botnet has shown almost no activity, and now it's distributing malicious spam. Let's dive into details and discuss all you need to know about the notorious malware to combat it. Why is everyone scared of Emotet? Emotet is by far one of the most dangerous trojans ever created. The malware became a very destructive program as it grew in scale and sophistication.
via The Hacker News (author: The Hacker News)

Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations
Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities were first detected on November 21, 2022. "While the malware written in .NET is new, its deployment is
via The Hacker News (author: Ravie Lakshmanan)

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw
Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based buffer overflow bugs can be
via The Hacker News (author: Ravie Lakshmanan)

Google warns: Android 'patch gap' is leaving these smartphones vulnerable to attack
Google says it is working with Android smartphone manufacturers to get them to release patches for multiple critical Arm Mali GPU driver bugs.
via Latest stories for ZDNET in Security

Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions
An analysis of firmware images across devices from Dell, HP, and Lenovo has revealed the presence of outdated versions of the OpenSSL cryptographic library, underscoring a supply chain risk. EFI Development Kit, aka EDK, is an open source implementation of the Unified Extensible Firmware Interface (UEFI), which functions as an interface between the operating system and the firmware embedded in
via The Hacker News (author: Ravie Lakshmanan)

New Windows Server updates cause domain controller freezes, restarts
Microsoft is investigating LSASS memory leaks (caused by Windows Server updates released during the November Patch Tuesday) that might lead to freezes and restarts on some domain controllers. [...]
via BleepingComputer (author: Sergiu Gatlan)

Google rushes out Chrome browser fix for new zero-day flaw
Google patches a sandbox escape in Chrome that an attacker can exploit by luring a target to a malicious web page.
via Latest stories for ZDNET in Security

Interpol Seized $130 Million from Cybercriminals in Global "HAECHI-III" Crackdown Operation
Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. The international police operation, dubbed HAECHI-III, transpired between June 28 and November 23, 2022, resulting in the arrests of 975 individuals and the closure of more than 1,600 cases. This comprised two fugitives
via The Hacker News (author: Ravie Lakshmanan)

U.S. govt seizes domains used in 'pig butchering' scams
For the first time, the U.S. Department of Justice seized seven domains that hosted websites linked to "pig butchering" scams, where fraudsters trick victims of romance scams into investing in cryptocurrency via fake investment platforms. [...]
via BleepingComputer (author: Sergiu Gatlan)

New RansomExx Ransomware Variant Rewritten in the Rust Programming Language
The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like BlackCat, Hive, and Luna. The latest version, dubbed RansomExx2 by the threat actor known as Hive0091 (aka DefrayX), is primarily designed to run on the Linux operating system, although it's expected that a Windows version will
via The Hacker News (author: Ravie Lakshmanan)