In edition #127 of Internet Security Week , we cover a 15-minute hacker attack, disguised phishing, malware stealing Facebook ad accounts, a new generation of ransomware, and much more.
News
As Microsoft blocks Office macros, hackers find new ways to attack
Hackers who typically distributed malware via phishing attachments containing malicious macros have gradually changed tactics after Microsoft Office began blocking them by default, switching to new file types such as ISO, RAR, and Windows Shortcut (LNK) attachments.
By Bill Toulas on Bleeping Computer
Criminals take 15 minutes to attack after security flaws are discovered
Cybercriminals can take as little as 15 minutes to begin exploiting a security flaw from the moment it is revealed, relying precisely on the idea that organizations will take longer to apply fixes to their systems.
By Felipe Demartini on Canaltech
Disguised phishing: be wary of emails marked as safe
When sending phishing emails or malicious attachments, scammers employ a series of tricks to persuade you to click on a link or open a file. One of these tricks is adding all sorts of possible stamps, indicating that the attached link or file is trustworthy.
By Roman Dedenok in Kaspersky Daily
Rug pull: scam affects cryptocurrency investors
Rug pull is a type of scam in which the creators of a particular project seek to attract investors to a new cryptocurrency with the intention of later running off with the funds raised.
By Martina López in We Live Security
Malware steals Facebook business and advertising accounts
Facebook is being targeted by a cybercriminal operation called Ducktail, which aims to take control of the social network's business and advertising accounts for financial theft.
In CISO Advisor
DDoS attack trends in 2022: ultra-short, powerful, and multi-vector attacks
The political situation in Europe and the rest of the world deteriorated drastically in 2022. This affected the nature, intensity, and geography of DDoS attacks, which began to be actively used for political purposes.
By Lawrence Abrams in Bleeping Computer
Leak may have exposed 300,000 documents from a group of real estate companies in Brazil
A major data breach has reportedly hit the Lopes real estate network, which includes brands such as New Place, Local, and VNC. In total, more than 300,000 documents were allegedly obtained by cybercriminals, including client negotiations, proposals, and internal email exchanges, possibly placing personal information and sensitive details in the hands of unauthorized third parties.
By Felipe Demartini on Canaltech
The new generation of ransomares is now multiplatform
Lately, ransomware groups are increasingly targeting not only Windows computers, but also Linux devices and ESXi virtual machines.
By Julia Glazova in Kaspersky Daily
Fake invoice: criminals impersonate a service provider to spread the Grandoreiro trojan
Criminals are impersonating the Vivo mobile phone operator to spread a threat capable of obtaining victims' banking information after being installed.
By Daniel Cunha Barbosa in We Live Security
Lockbit interview: "There are over 100 people involved in the operation"
The Lockbit 3.0 RaaS (ransomware as a service) operation already has more than one hundred people involved, the operation's leader revealed in an interview with the Italian portal Red Hot Cyber.
In CISO Advisor
eBook
[eBook] How to Prevent Data Leaks in Your Company
- Complete material on data breaches, access control, and internet security for businesses
- Available for download
- Free
Are you not yet subscribed to our newsletter to receive this content weekly by email? Then subscribe using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
