“Cyber-security agencies from the UK and the US have published today a joint security alert about QSnatch, a strain of malware that has been infecting network-attached storage (NAS) devices from Taiwanese device maker QNAP.”
Got An Email From A Hacker With Your Password? Do These 3 Things
“Most every month, I will get contacted by readers who have received an email from a hacker who not only claims to have access to their computer but has the password to prove it.”
PSA: Hackers are trying to phish user credentials to LastPass .. be careful!
“One significant threat to using a password manager like LastPass is that if that account falls into the wrong hands you lose everything, which means attacks on those services are even more of a threat to users.”
Mitigating a 754 Million PPS DDoS Attack Automatically
“On June 21, Cloudflare automatically mitigated a highly volumetric DDoS attack that peaked at 754 million packets per second.”
Microsoft releases emergency security update to fix two bugs in Windows codecs
“Microsoft has published on Tuesday two out-of-band security updates to patch two vulnerabilities in the Microsoft Windows Codecs Library. Tracked as CVE-2020-1425 & CVE-2020-1457, the two bugs only impact Windows 10 and Windows Server 2019 distributions.”
Security firm warns of new malware strain ‘wreaking havoc’ on Windows PCs
“During the Great GPU Shortage of Yesteryear, cryptocurrency mining was all the rage. This also gave way to a class of ‘cryptojacking’ malware that would attempt to pilfer computing resources from an infected PC and use them to most often mine Monero. That has not been a big concern in a long while.”
Chinese bank requires foreign firm to install app with covert backdoor
“A large, multinational technology company got a nasty surprise recently as it was expanding its operations to China. The software a local bank required the company to install so it could pay local taxes contained an advanced backdoor.”
Fake VPN messages used to lure Office 365 phishing victims
“A new phishing campaign is targeting Office 365 customers by impersonating their organizations in messages telling them they need to update their VPN configuration while working remotely.”
NAS devices targeted by ransomware attack
“QNAP network-attached storage (NAS) devices are once again under attack as the operators of the eCh0raix ransomware have launched a new wave of attacks. The eCh0raix ransomware was first deployed last July when its creators released the first version of their malware into the wild.”
AWS stops largest DDoS attack ever
“Amazon has revealed that its AWS Shield service was able to mitigate the largest DDoS attack ever recorded at 2.3 Tbps back in February of this year.”
