Tag Archive for: Blackswan

Data breach extortion. Credential reuse risk. Blackswan zero-days. A Monero cryptojacker. Notes on the ransomware summit.


Attacks, Threats, and Vulnerabilities

Extortionist Hacker Group SnapMC Breaches Networks in Under 30 Minutes (SecurityWeek) Over the past few months, a threat actor has been increasingly breaching enterprise networks to steal data and extort victims, but without disrupting their operations

SnapMC skips ransomware, steals data (NCC Group Research) Over the past few months NCC Group has observed an increasing number of data breach extortion cases, where the attacker steals data and threatens to publish said data online if the victim decides not to pay. Given the current threat landscape, most notable is the absence of ransomware or any technical attempt at disrupting the victim’s operations.

Academics find Meltdown-like attacks on AMD CPUs, previously thought to be unaffected (The Record by Recorded Future) Two academic papers have been published over the past two months detailing new side-channel attacks in AMD processors that have eerily similar consequences to the Meltdown attack disclosed in early 2018, to which AMD CPUs were previously thought to be immune.

How Impersonation Attacks Fool Users (Avanan) Hackers use impersonated messages from reputable brands to fool users. In this case, scammers are impersonating DocuSign.

Once-in-a-decade discovery made by international cyber security company built by former spies (PR Newswire) Field Effect, a global cyber security company, has released details of their discovery of seven 0-day vulnerabilities in Microsoft Windows software and…

Blox Tales: Microsoft Defender Vishing Using AnyDesk (Armorblox) This blog focuses on a Microsoft Defender vishing campaign where attackers tried to get victims to download AnyDesk for an RDP attack.

Heads up: Verizon’s Visible MVNO accounts are getting hacked left and right (AndroidPolice) Users are reporting account hijacks, address changes, and unauthorized purchases

Apparent Verizon Visible hack was credential stuffing attack, says carrier [U] (9to5Mac) Multiple reports of an apparent Verizon Visible hack, with attackers changing shipping addresses, then ordering phones that are charged …

Verizon’s Visible confirms accounts were breached – report (FierceWireless) Some customer accounts for the…

Source…