In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 30, 2020 – Your colleagu

Twitter discloses a privacy issue in the way the Mozilla Firefox cached private files sent or received via DM for up to 7 days. Twitter admitted that the private files sent via Twitter DMs were cached inside the users’ Firefox browsers for up to seven days, even if users have logged off. The problem is related to the way the Mozilla Firefox web b

Mozilla releases Firefox version 74.0.1 to address two vulnerabilities exploited by threat actors in attacks in the wild, users should update their browsers asap. Mozilla is urging users to install the latest version of its browser, Firefox 74.0.1, which addresses two bugs that are being exploited in the wild by threat actors. The two vulnerabilities

Bad guys are always trying to use “exotic” file extensions to deliver their malicious payloads. If common dangerous extensions are often blocked by mail security gateways, there exists plenty of less common extensions. These days, with the COVID19 pandemic, we are facing a peak of phishing and scams trying to lure victims. I spotted one that uses

What’s happened?Well, Coronavirus 2019 (COVID-19) happened.Okay, smart alec. I know about that. What else is going on?Well, because so many people are (wisely) staying at home, they’re using videoconferencing and chat technology like Zoom to keep in touch with friends, family and colleagues.In fact, Zoom says that daily usage has soared from appr

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Recently Microsoft has published details about human-operated ransomware attacks that ta

As a result of the chaos caused by the coronavirus, hundreds of millions of people of all ages are voluntarily and sometimes involuntarily, grounded home. Streaming platforms have proven to be a haven for millions of people, but not everyone relies on Netflix and Apple TV+ to stay entertained. A big chunk of people has started exploring new horizons of onlin

Since the global COVID-19 lockdown started, teens have been flocking to the Houseparty app. Houseparty allows users to create video call sessions so that multiple people can chat at once. At a time when social gatherings are banned, the ability to play games or simply hang out together has been invaluable. Why are people demanding we DELETE HOUSEPARTY? Over

Microsoft announced that it will add an alerting feature to Edge to warn users if their credentials saved to autofill have been compromised. Microsoft announced several new features for its Edge browser, including a new alerting service to warn users if the credentials they have saved to autofill have been compromised in a third-party data breach. 

At the beginning of March 2020, Fifth Domain reported that Colorado-based aerospace, automotive and industrial parts manufacturer Visser Precision LLC had suffered a DoppelPaymer ransomware infection. Those behind this attack ultimately published information stolen from some of Visser’s customers. Those organizations included defense contractors Lockheed Mar

ACROS Security’s 0patch service released unofficial patches for two Windows flaws actively exploited by attackers in the wild. ACROS Security’s 0patch service released unofficial patches for two Windows vulnerabilities actively exploited by attackers in the wild, both issues have yet to be fixed by Microsoft. A few days ago, Microsoft warned of hacker

Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. The number of alerts decreased by

I published the following diary on isc.sans.edu: “Malicious JavaScript Dropping Payload in the Registry“: When we speak about “fileless” malware, it means that the malware does not use the standard filesystem to store temporary files or payloads. But they need to write data somewhere in the system for persistence or during the infe

Operation Poisoned News – Experts observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to spy on them. Security experts at Trend Micro have observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor tracked as lightSpy. Attackers used malicious l

Customer loyalty programs are great – for providers and customers. In return for regular shopping, members receive various discounts and perks. At the same time, the shop gains all kinds of valuable data about your buying habits which they can use for targeted marketing purposes. Depending on the scheme they may also be able to re-sell some of that informati