ThreatsHub Cybersecurity News

Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware

Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses. Read More HERE…

The Register

October 13, 2024 TH Author

Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between

Reading, writing, and cyber mayhem, amirite? If we were to draw an infosec Venn diagram, with one circle representing “sensitive info that attackers would want to steal” and the other “limited resources plus difficult-to-secure IT environments,” education would sit in the overlap. … READ MORE HERE…

The Register

October 12, 2024 TH Author

US and UK govts warn: Russia scanning for your unpatched vulnerabilities

Also, phishing’s easier over the phone, and your F5 cookies might be unencrypted, and more in brief If you need an excuse to improve your patching habits, a joint advisory from the US and UK governments about a massive, ongoing Russian campaign exploiting known vulnerabilities should do the trick.… READ MORE HERE…

The Register

October 11, 2024 TH Author

INC ransomware rebrands to Lynx – same code, new name, still up to no good

Researchers point to evidence that scumbags visited the strategy boutique Researchers at Palo Alto’s Unit 42 believe the INC ransomware crew is no more and recently rebranded itself as Lynx over a three-month period.… READ MORE HERE…

The Register

October 11, 2024 TH Author

US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants

Cyberspies abusing a backdoor? Groundbreaking Lawmakers are demanding answers about earlier news reports that China’s Salt Typhoon cyberspies breached US telecommunications companies Verizon, AT&T, and Lumen Technologies, and hacked their wiretapping systems. They also urge federal regulators to hold these companies accountable for their infosec practices – or lack thereof.… READ MORE HERE…

ZDNet | Security

October 11, 2024 TH Author

Microsoft blocked your Windows 11 upgrade? This just-released tool can get the job done

A new version of the popular Rufus utility once again bypasses Microsoft’s strict hardware compatibility requirements for Windows 11 upgrades. But the way it’s implemented might make some people nervous.
READ MORE HERE…

Microsoft Secure

October 11, 2024 TH Author

Microsoft’s guidance to help mitigate Kerberoasting

Kerberoasting, a well-known Active Directory (AD) attack vector, enables threat actors to steal credentials and navigate through devices and networks. Microsoft is sharing recommended actions administrators can take now to help prevent successful Kerberoasting cyberattacks.
The post Microsoft’s guidance to help mitigate Kerberoasting appeared first on Microsoft Security Blog. READ MORE HERE…

Cyber Security Trending News

I compared the best soundbars from Sonos and Samsung, and this one wins it for me

Lynx Ransomware Analyses Reveal Similarities To INC Ransom

Thousands Of Fortinet Instances Vulnerable To Actively Exploited Flaw

Hacked Robot Vacuums Across The U.S. Started Yelling Slurs

Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware

Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between

US and UK govts warn: Russia scanning for your unpatched vulnerabilities

INC ransomware rebrands to Lynx – same code, new name, still up to no good

US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants

Microsoft blocked your Windows 11 upgrade? This just-released tool can get the job done

Microsoft’s guidance to help mitigate Kerberoasting