Insights

What Is Your Anti-Malware Doing?

Anti-malware collects information about us to help keep us safe. But does it collect more information than is necessary for that role? And what does it do with it? This Insight looks at that and provides suggestions to be safer.  

 

 Anti-malware information collection


VexTrio Using 20,000 Hacked WordPress Sites in Traffic Redirect Scheme

WordPress is one of cyberattackers' favorite targets. Now we hear of another attack that is using 20,000 WordPress sites to redirect traffic to compromised sites.

 

WordPress Again


New 'Rules File Backdoor' Attack Lets Hackers Inject Malicious Code via AI Code Editors

Attackers have found a vulnerability in AI-powered code editors. The vulnerability allows the attackers to insert code that performs malicious actions.

 

 AI Code Editors Hacked


Mobile Jailbreaks Exponentially Increase Corporate Risk

Jailbreaking means a user has removed or circumvented the safety features of their phone. This is popular among people who want to do things that the phones attempt to prevent. New research shows that jailbroken devices are significantly more likely to be infected with malware.

 

Jailbroken phones have high risk


Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Cisco is a major player in the network space. Attackers have found a way to use the Smart Licensing Utility to stage attacks. These vulnerabilities are serious: 9.78 on CVSS. Cisco has issued patches. Be sure to apply them.

 

Serious Cisco Vulnerability

 


One Token To Rule Them All

A token provides access to a single system, application or site, which makes tokens desirable to cybercriminals. Microsoft has issued its Primary Refresh Token, which provides access to all the Microsoft services you have permission to use. One token and access to all. This makes it a big target for attackers.

 

PRT - convenient but dangerous


XCSSET macOS malware variant targets Xcode projects of app developers

A new attack has been found that targets macOS developers using Xcode. It is another example of an attack that doesn't go after single users but is a supply-chain-style attack, in that it will infect any user of the app.

 

Developers targeted


Volt Typhoon Strikes Massachusetts Power Utility

In disturbing news, attackers were found in a Massachusetts power utility. As if that isn't bad enough, they were there for over 300 days before being discovered.

 

Over 300 days to be discovered


OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection

Another scam using fake Captcha pages. Be sure before you click. This one deploys a rootkit. Very dangerous and difficult to remove. 

 

Another fake Captcha scam


Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails

A phishing campaign looks to take advantage of people through bogus emails that appear to come from Booking.com. If you have ever booked on the site it won’t be a surprise to get an email. But don’t click anything!

 

Travel bookings phishing