Hackers are Taking Over CEO Accounts with Rogue OAuth Apps Threat analysts have observed a new campaign named ‘OiVaVoii’, targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts. According to a report from Proofpoint, the campaign is still ongoing, though Read more…
Finnish Diplomats’ Phones Infected with NSO Group Pegasus Spyware Finland’s Ministry for Foreign Affairs says devices of Finnish diplomats have been hacked and infected with NSO Group’s Pegasus spyware in a cyber-espionage campaign. “Finnish diplomats have been targets of cyber espionage by means of the Pegasus spyware, developed by NSO Read more…
Finland Warns of Facebook Accounts Hijacked via Messenger Phishing Finland’s National Cyber Security Centre (NCSC-FI) warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims’ friends in Facebook Messenger chats. In the alert, the NCSC-FI says that all Facebook users who received messages from online acquaintances Read more…
Microsoft Outlook RCE Zero-day Exploits Now Selling for $400,000 Exploit broker Zerodium has announced a pay jump to 400,000 for zero-day vulnerabilities that allow remote code execution (RCE) in Microsoft Outlook email client. The new payout is not permanent, the company says in a short tweet, but the end date Read more…
QNAP Force-installs Update After DeadBolt Ransomware Hits 3,600 Devices QNAP force-updated customer’s Network Attached Storage (NAS) devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices. On Tuesday, BleepingComputer reported on a new ransomware operation named DeadBolt that was encrypting Internet-exposed QNAP Read more…
DeepDotWeb Admin Imprisoned for Advertising Illegal Dark Web Markets An Israeli citizen who operated DeepDotWeb (DDW), a news site and review site for dark web sites, has received a sentence of 97 months in prison for money laundering and was ordered to forfeit $8,414,173. The conviction of Tal Prihar, 37, Read more…
Taiwanese Apple and Tesla Contractor Hit by Conti Ransomware Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning. Delta claims to be the world’s largest provider of switching power supplies and reported sales Read more…
Lazarus Hackers use Windows Update to Deploy Malware North Korean-backed hacking group Lazarus has added the Windows Update client to its list of living-off-the-land binaries (LoLBins) and is now actively using it to execute malicious code on Windows systems. The new malware deployment method was discovered by the Malwarebytes Threat Intelligence team while analyzing a Read more…
Microsoft Warns of Multi-stage Phishing Campaign Leveraging Azure AD Microsoft’s threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target’s network and use them to distribute phishing emails. As the report highlights, the attacks manifested only through accounts that didn’t have Read more…
Microsoft: Windows 11 Now in Broad Deployment for Eligible Devices Microsoft says Windows 11 has now entered the broad deployment phase, making it available for everyone with an eligible device via Windows Update. This means that Windows 11 21H2, the latest release, will be offered to all Windows devices not affected Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
