6 July 2022

cybersecurity

YTStealer Malware Targets Accounts of YouTube Content Creators cybersecurity news
3 min read

YTStealer Malware Targets Accounts of YouTube Content Creators

RiSec.Mitch 29 June 2022
Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed “YTStealer” by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using fake installers that also drop RedLine Stealer and Vidar. “What sets YTStealer aside from other stealers sold on the dark web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of,” security researcher Joakim...
Continue Reading
Weblizar 8.9 Backdoor – WordPress Plugin Weblizar 8.9 Backdoor - WordPress Plugin
4 min read

Weblizar 8.9 Backdoor – WordPress Plugin

RiSec.Steve 27 June 2022
The premium version of School Management, a plugin schools use to operate and manage their websites, has contained the backdoor since at least version 8.9, researchers at website security service Jetpack said in a blog post without ruling out that it had been present in earlier versions. This page from a third-party site shows that version 8.9 was released last August. Obvious backdoor Jetpack said it discovered the backdoor after support team members at WordPress.com reported finding heavily obfuscated code on several sites that used School Management Pro. After deobfuscating it, they realized that...
Continue Reading
Horizon Offers $1M Bounty to Hackers Who Stole $100M An artist's representation of the Horizon bridge (Source: Harmony)
5 min read

Horizon Offers $1M Bounty to Hackers Who Stole $100M

RiSec.Steve 27 June 2022
Blockchain company Harmony has offered a $1 million bounty to hackers who stole $100 million worth of Ethereum tokens. It also says it won’t push for criminal charges if the funds are returned. The Horizon bridge is a cross-chain protocol connecting the Ethereum, Binance and Harmony blockchains. It allows the transfers of cryptocurrencies, stablecoins and non-fungible tokens between the Harmony blockchain and the other networks, DataBreachToday.co.uk Reports The company has attempted to contact the hackers via a transaction to their Ethereum wallet address, Harmony tells Information Security Media Group. At the...
Continue Reading
Fake copyright infringement emails install LockBit ransomware LockBiit logo
3 min read

Fake copyright infringement emails install LockBit ransomware

RiSec.Mitch 27 June 2022
LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. The recipients of these emails are warned about a copyright violation, allegedly having used media files without the creator’s license. These emails demand that the recipient remove the infringing content from their websites, or they will face legal action, reports BleepingComputer Reports The emails, spotted by analysts at AhnLab, Korea, do not determine which files were unfairly used in the body and instead tell the recipient to download...
Continue Reading
Meet the Admins of the RSOCKS Proxy Botnet The RUSdot mailer, the email spamming tool made and sold by the administrator of RSOCKS.
5 min read

Meet the Admins of the RSOCKS Proxy Botnet

RiSec.Mitch 27 June 2022
Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a 35-year-old Russian man living abroad who also runs the world’s top spam forum, reports KrebsOnSec. According to a statement by the U.S. Department of Justice, RSOCKS offered...
Continue Reading
CyberSecurity Myths Debunked CyberSecurity
5 min read

CyberSecurity Myths Debunked

RiSec.Steve 27 June 2022
CyberSecurity Myths Debunked We work online. We live online. As our fast-paced lives get exponentially dependent on digital services, the urgency to protect our information from being misused is crucial. In 2021, Microsoft went down in flames of embarrassment, as it sustained the biggest hack of that year, over 30,000 US businesses were affected by a sweeping attack on the Microsoft Exchange email servers, one of the largest email servers in the world. The hackers were able to exploit four different zero-day vulnerabilities that allowed them to gain unauthorized access to emails from small...
Continue Reading
House Of Reps Passes ICS Cybersecurity Training Act House Of Reps Passes ICS Cybersecurity Training Act
4 min read

House Of Reps Passes ICS Cybersecurity Training Act

RiSec.Steve 27 June 2022
In a predominantly bipartisan vote, the Industrial Control Systems Cybersecurity Training Act was passed by the House of Representatives on the evening of June 21, 2022. The bill, sponsored by Representative Eric Swalwell (D-CA) establishes within the Cybersecurity and Infrastructure Security Agency (CISA) an initiative to provide the cybersecurity workforce with no-cost training related to securing industrial control systems. These information systems are used to control industrial processes such as manufacturing, product handling, production and distribution. Industrial Control Systems Cybersecurity Training Act This bill will supplement an already impressive array of...
Continue Reading
New Proposals for UK’s Computer Misuse Act New Proposals for UK's Computer Misuse Act
3 min read

New Proposals for UK’s Computer Misuse Act

RiSec.Steve 24 June 2022
UK legislators have proposed an amendment to the Product Security and Telecommunications Infrastructure (PSTI) bill that would give cybersecurity professionals a legal defence for their activities under the Computer Misuse Act (CMA). A cross-party group in the House of Lords, the UK’s second chamber, tabled the amendment on Tuesday (June 21). The PSTI bill is designed to support the UK’s 5G rollout while also mandating vulnerability disclosure policies for vendors of Internet of Things (IoT) products, among other security provisions. ‘Acting in good faith’ The CyberUp campaign, a security industry coalition calling for wholesale reform...
Continue Reading
Special delivery: Yodel becomes the latest victim of a cyber ‘incident’ Yodel security incident
3 min read

Special delivery: Yodel becomes the latest victim of a cyber ‘incident’

RiSec.Steve 22 June 2022
Delivery company Yodel has found itself the latest victim of a cyber “incident” that has disrupted services. Rooted firmly to the bottom of the table of best and worst courier firms by consumer campaigner Which? Yodel has gained popularity and, perhaps, a bit of notoriety in recent years as consumers turned to courier companies rather than venture into physical stores. Exactly when security problems began is difficult to ascertain, since Yodel’s social media voicebox is crammed full of disgruntled customers wondering where their products are (indeed, this writer had the joy...
Continue Reading
Research: Preventative Approach Could Block 90% of Cyber-attacks Research: Preventative Approach Could Block 90% of Cyber-attacks
3 min read

Research: Preventative Approach Could Block 90% of Cyber-attacks

RiSec.Steve 21 June 2022
Despite growing awareness of the dangers of cyber-attacks, many organisations are loath to adopt a preventative approach – until they’re hit. New research has found that 90% of high-level managers believe that most cyber-attacks are avoidable with a preventative approach. In its ‘Cybersecurity: Prevention Is Better than the Cure’ report, Tanium explored reactive versus preventative cybersecurity measures. It surveyed UK-based IT decision makers across a variety of industries including public sector, financial services, healthcare, and retail. Of its respondents, 92% said they had experienced a breach at some point in the...
Continue Reading

You may have missed

British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams
2 min read

British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams

5 July 2022
Google Claims Half of all Zero-Day Bugs Are Due to Poor Patches Zero-day
2 min read

Google Claims Half of all Zero-Day Bugs Are Due to Poor Patches

5 July 2022
10+ Cyber security statistics that every business should know Cyber security statistics
4 min read

10+ Cyber security statistics that every business should know

2 July 2022
Many wireless peripherals are vulnerable to a range of attacks, here’s an example! Many wireless peripherals are vulnerable to a range of attacks, here's an example!
3 min read

Many wireless peripherals are vulnerable to a range of attacks, here’s an example!

2 July 2022
en English
af Afrikaanssq Albanianam Amharicar Arabichy Armenianaz Azerbaijanieu Basquebe Belarusianbn Bengalibs Bosnianbg Bulgarianca Catalanceb Cebuanony Chichewazh-CN Chinese (Simplified)zh-TW Chinese (Traditional)co Corsicanhr Croatiancs Czechda Danishnl Dutchen Englisheo Esperantoet Estoniantl Filipinofi Finnishfr Frenchfy Frisiangl Galicianka Georgiande Germanel Greekgu Gujaratiht Haitian Creoleha Hausahaw Hawaiianiw Hebrewhi Hindihmn Hmonghu Hungarianis Icelandicig Igboid Indonesianga Irishit Italianja Japanesejw Javanesekn Kannadakk Kazakhkm Khmerko Koreanku Kurdish (Kurmanji)ky Kyrgyzlo Laola Latinlv Latvianlt Lithuanianlb Luxembourgishmk Macedonianmg Malagasyms Malayml Malayalammt Maltesemi Maorimr Marathimn Mongolianmy Myanmar (Burmese)ne Nepalino Norwegianps Pashtofa Persianpl Polishpt Portuguesepa Punjabiro Romanianru Russiansm Samoangd Scottish Gaelicsr Serbianst Sesothosn Shonasd Sindhisi Sinhalask Slovaksl Slovenianso Somalies Spanishsu Sudanesesw Swahilisv Swedishtg Tajikta Tamilte Teluguth Thaitr Turkishuk Ukrainianur Urduuz Uzbekvi Vietnamesecy Welshxh Xhosayi Yiddishyo Yorubazu Zulu