June 2022 – Page 2 – PossibleThreat Articles

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 30 Jun 2022 13:30:00 +0000

We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. This class of stealthy execution techniques include process doppelganging, process herpadering, and process ghosting.

The post Using process creation properties to catch evasion techniques appeared first on Microsoft Security Blog.

Security Sophos

S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]

June 30, 2022 0 Comments Crypto, cryptocurrency, Cryptography, extortion, Law & order, Naked Security Podcast, OpenSSL, Podcast, scammers, vulnerability

Credit to Author: Paul Ducklin| Date: Thu, 30 Jun 2022 12:57:04 +0000

Latest episode – listen and read now! Use our advice to advise your own friends and family… let’s all do our bit to stand up to scammers!

MalwareBytes Security

Raccoon Stealer returns with a new bag of tricks

June 30, 2022 0 Comments Cybercrime, data theft, exfiltration, malware, malware-as-a-service, raccoon stealer, raccoon stealer 2.0

Credit to Author: Christopher Boyd| Date: Thu, 30 Jun 2022 13:33:23 +0000

Infamous malware Raccoon Stealer is reportedly back in business after a break.

The post Raccoon Stealer returns with a new bag of tricks appeared first on Malwarebytes Labs.

MalwareBytes Security

RansomHouse claims to have stolen at least 450GB of AMD’s data

June 30, 2022 0 Comments amd breach, bleepingcomputer, extortion group, Hacking, ransomhouse, telegram, weak passwords

Credit to Author: Jovi Umawing| Date: Thu, 30 Jun 2022 12:39:53 +0000

Extortion group RansomHouse has revealed its latest victim: semiconductor giant AMD. The company was breached due to weak passwords.

The post RansomHouse claims to have stolen at least 450GB of AMD’s data appeared first on Malwarebytes Labs.

Security TrendMicro

Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit

June 30, 2022 0 Comments trend micro research : articles, news, reports, trend micro research : phishing, trend micro research : ransomware, trend micro research : research

Credit to Author: Kenneth Adrian Apostol| Date: Thu, 30 Jun 2022 00:00:00 +0000

We look into a recent attack orchestrated by the Black Basta ransomware ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.

Security TrendMicro

How to Present Cloud Risk to the Board

June 29, 2022 0 Comments trend micro ciso : article, trend micro ciso : cloud, trend micro ciso : expert perspective, trend micro ciso : risk management

Credit to Author: Erin Sindelar| Date: Wed, 29 Jun 2022 00:00:00 +0000

Trend Micro Security Researcher, Erin Sindelar, breaks down three popular types of cloud risk assessments to help CISOs and security leaders better explain cyber risk to the board.

Security Sophos

Firefox 102 fixes address bar spoofing security hole (and helps with Follina!)

June 29, 2022 0 Comments firefox, follina, Mozilla, Patch, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 29 Jun 2022 16:11:55 +0000

Firefox squashes a bug that helped phishers, and brings its own helping hand to Microsoft’s “Follina” saga.

Microsoft Security

Microsoft at RSA 2022: Envisioning the future of security

June 29, 2022 0 Comments cybersecurity

Credit to Author: Emma Jones| Date: Wed, 29 Jun 2022 16:00:00 +0000

The 2022 RSA Conference was a great success, drawing 26,000 attendees to three days of cutting-edge security sessions, tutorials, seminars, and special events at Moscone Center in San Francisco. Microsoft Security was on the ground, interacting with customers and security professionals at Microsoft’s 20-plus earned sessions, as well as showcasing new solutions like Microsoft Entra that help realize our goal of comprehensive security.

The post Microsoft at RSA 2022: Envisioning the future of security appeared first on Microsoft Security Blog.

Security Wired

‘Supercookies’ Have Privacy Experts Sounding the Alarm

June 29, 2022 0 Comments Security, Security / Privacy

Credit to Author: Chris Stokel-Walker| Date: Tue, 28 Jun 2022 16:05:21 +0000

A German ad-tech trial features what Vodafone calls “digital tokens.” Should you be worried?

ComputerWorld Independent

FCC commissioner wants Apple, Google to remove TikTok from App Stores

June 29, 2022 0 Comments Apple, Google, Mobile, mobile apps, Security, small and medium business

Credit to Author: Jonny Evans| Date: Wed, 29 Jun 2022 05:34:00 -0700

FCC Commissioner Brendan Carr has written to Apple and Google to request that both companies remove the incredibly popular TikTok app from their stores, citing a threat to national security.

Is your data going TikTok?

Carr warns the app collects huge quantities of data and cited a recent report that claimed the company has accessed sensitive data collected from Americans. He argues that TikTok’s, “pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive U.S. data…puts it out of compliance,” with App Store security and privacy policies.

To read this article in full, please click here