Microsoft Investigating Claims of Hacked Source Code Repositories Microsoft says they are investigating claims that the Lapsus$ data extortion hacking group breached their internal Azure DevOps source code repositories and stolen data. Unlike many extortion groups we read about today, Lapsus$ does not deploy ransomware on their victim’s devices. Instead, Read more…
On bank phishing scams: What banking institutions do to reduce them Singapore is tightening security steps to reinforce the local banking and communications infrastructures, including the need for SMS service providers to check against a registry before sending messages. Banks are also expected to develop “more adaptable” artificial intelligence (AI) programs to Read more…
New Phishing Toolkit Lets Anyone Create Fake Chrome Browser Windows A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome browser windows. When signing into websites, it is common to see the option to sign with Read more…
Windows 11 Adds a BitLocker Exclusion Policy for USB Drives Microsoft has released a new Windows 11 build with a long list of changes, improvements, and fixes for known issues, available for all Windows Insiders that will install the Windows 11 Insider Preview Build 22579 pushed to the Dev Channel. The Read more…
Google Exposes Tactics of a Conti Ransomware Access Broker Google’s Threat Analysis Group has exposed the operations of a threat actor group dubbed “EXOTIC LILY,” an initial access broker linked to the Conti and Diavol ransomware operations. This particular group was first spotted exploiting a zero-day vulnerability in Microsoft MSHTML Read more…
Microsoft Reminds of Internet Explorer’s Looming Demise in June Microsoft has reminded Windows customers today that they’ll finally retire the Internet Explorer 11 web browser from some Windows 10 versions in June and replace it with the new Chromium-based Microsoft Edge. After Internet Explorer is retired, Microsoft will still support legacy Read more…
BIG Sabotage: Famous npm Package Deletes Files to Protest Ukraine War This month, the developer behind the popular npm package ‘node-ipc’ released sabotaged versions of the library in protest of the ongoing Russo-Ukrainian War. Newer versions of the ‘node-ipc’ package began deleting all data and overwriting all files on developer’s machines, in addition to Read more…
Unsecured Microsoft SQL, MySQL Servers Hit by Gh0stCringe Malware Hackers target poorly secured Microsoft SQL and MySQL database servers to deploy the Gh0stCringe remote access trojans on vulnerable devices. Gh0stCringe, aka CirenegRAT, is a variant of Gh0st RAT malware that was most recently deployed in 2020 Chinese cyber-espionage operations but dates as Read more…
Facebook Removes Deepfake of Ukrainian President Zelenskyy Facebook has removed a deepfake video of Ukrainian President Volodymyr Zelenskyy spreading across the social network and asking Ukrainian troops lay down their arms and surrender. “Earlier today, our teams identified and removed a deepfake video claiming to show President Zelensky issuing a Read more…
Microsoft Defender Tags Office Updates as Ransomware Activity Windows admins were hit today by a wave of Microsoft Defender for Endpoint false positives where Office updates were tagged as malicious in alerts pointing to ransomware behavior detected on their systems. According to Windows system admins reports [1, 2, 3, 4], this started happening several Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
