In issue #129 of Internet Security Week , a free internet security test, a hacker uses a shortcut file to break in, tips for securing your new computer, an FBI warning about a ransomware attack, and more.
News
Google and Microsoft services used to host cryptocurrency scams
Criminals are using legitimate hosting services and comments on equally authentic websites to boost the relevance of fraudulent pages, which are later used in cryptocurrency scams.
By Felipe Demartini on Canaltech
Hacker Now Uses Shortcut File to Break Into Corporate PC
Cybercriminals spreading malware variants are shifting to shortcut (LNK) files to hack corporate PCs, according to a report by HP Wolf Security. According to the company's research, shortcuts are gradually replacing the use of Office macros—which are beginning to be blocked by default by Microsoft—to allow attackers to establish themselves on networks and trick users into installing malware on their PCs.
In CISO Advisor
The number of hacked corporate network accesses is still high.
Statistics collected by cyber intelligence firm KELA during the second quarter of this year show that markets selling initial access to corporate networks have grown.
By Bill Toulas at Bleeping Computer
Criminals don't stop: rootkit in a new version
Our researchers examined a new version of the CosmicStrand rootkit, which they found in the MODIFIED UEFI (Extensible Firmware Interface) firmware – the code that first loads and initiates the operating system boot process when the computer is turned on.
By Julia Glazova in Kaspersky Daily
Tips for protecting your new computer from cyber threats
We've put together a list of best practices and security measures to consider when considering securing a newly purchased computer against digital threats.
By Phil Muncaster in We Live Security
Mexican cartels begin operating on the dark web
Analysts at DarkOwl, a company specializing in dark web searches, discovered several escrow-enabled marketplaces on the dark web claiming to be affiliated with the Sinaloa Cartel. One of them, specifically called "Cartel de Sinaloa," is directly associated with that cartel and Los Chapitos. The site uses the same logo (a red and black skull with the phrase "Cartel de Sinaloa") as a Facebook group page of the same name.
In CISO Advisor
Scammers use remote access to steal money via Pix
A retiree from Rio de Janeiro (RJ) saw R$60,000 stolen from his account after suffering a new type of scam, which uses social engineering and remote access applications to make transfers via Pix.
By Felipe Demartini on Canaltech
FBI warns: Ransomware can encrypt devices multiple times in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) today warned U.S. organizations that attackers deploying Zeppelin ransomware can encrypt their files multiple times. The two federal agencies also shared tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help security professionals detect and block attacks using this ransomware strain.
By Sergiu Gatlan at Bleeping Computer
New malicious campaign hunts for Discord tokens and credit card information
Open source code is a boon for the IT industry—it helps programmers save time and build products faster and more efficiently, eliminating the need to write repetitive, mundane code. To facilitate this knowledge sharing, there are repositories—open platforms where any developer can publish their own packages with their code to streamline the development process for others.
By Elizaveta Shulyndina in Kaspersky Daily
Tool
Test Your Internet Security
- Do you know if your employees, students, or family are protected against phishing sites, malware, pornography, racist, or terrorist content? Take the test now and find out!
- Free
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
