» Blog

A new campaign is targeting home users using impersonated software updates leveraging JavaScript to deliver the Magniber Ransomware. Context On October 13, 2022, HP security researchers reported the technical details of a current campaign leveraging JavaScript files impersonating legitimate Windows Security updates to infect home users with the single-client Magniber ransomware. Technical Details HP researchers…

On October 10, 2022, the threat group “KillNet” claimed a number of denial-of-service (DDoS) attacks against websites of several major airports in the U.S. Context Airport sites targeted in the campaign include the Hartsfield-Jackson Atlanta International Airport (ATL), the Los Angeles International Airport (LAX), the Chicago O’Hare International Airport (ORD), the Orlando International Airport (MCO),…

On October 6, 2022, CISA released a joint advisory advising telecommunications, defense, and critical infrastructure organizations to patch and mitigate the most prevalent Common Vulnerabilities and Exposures (CVEs) leveraged by suspected Chinese state-sponsored cyber threat actors since 2020. Context According to the report, “PRC state-sponsored cyber actors continue to target government and critical infrastructure networks…

Context On October 4, 2022, DCSO CyTec security researchers reported the technical details of a new backdoor malware targeting Microsoft SQL servers they dubbed “Maggie.” According to researchers, the Maggie backdoor can bruteforce logins to other MSSQL servers and add a new hardcoded backdoor user after bruteforcing administrator logins. Researchers did not investigate if and…

The annual RH-ISAC Cyber Intelligence Summit was held in Plano, Texas on September 20-21, 2022. Summit is the premier event for cybersecurity practitioners in the retail, hospitality, and travel industries. This year’s event had nearly 400 attendees for two days full of presentations and networking. The post-conference report is now available to download. It includes details about…