This Week in Cyberspace (15-21 January 2022)
What happened in the cyber world this week? The prominent cyber security news of the week is with you...
Russian Security Takes Down REvil Ransomware Gang
Ülkenin FSB'si çete saklanma yerlerine baskın düzenlediğini söyledi; ele geçirilen para birimi, arabalar ve personel; ve REvil'in altyapısını etkisiz hale getirdi.
Microsoft: Ransomware Kılığında Veri Silen Kötü Amaçlı Yazılım Tekrar Ukrayna’yı Hedef Alıyor
Microsoft said today that it has observed a destructive attack taking place in Ukraine where a malware strain has wiped infected computers and then tried to pass as a ransomware attack, but without providing a ransomware payment and recovery mechanism.
New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking
A software bug introduced in Apple Safari 15's implementation of the IndexedDB API could be abused by a malicious website to track users' online activity in the web browser and worse, even reveal their identity.
Linux Kötü Amaçlı Yazılımlarının Bulaş Oranı 2021’de %35 Arttı
The number of malware infections targeting Linux devices rose by 35% in 2021, most commonly to recruit IoT devices for DDoS (distributed denial of service) attacks.
High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites.
Dark Web's Largest Marketplace for Stolen Credit Cards is Shutting Down
UniCC, the biggest dark web marketplace of stolen credit and debit cards, has announced that it's shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash.
Microsoft: Edge, ‘Öngörülemeyen Aktif’ Sıfır Gün Hatalarını Azaltacak
Microsoft Edge has added a new feature to the Beta channel that will mitigate future in-the-wild exploitation of unknown zero-day vulnerabilities.
Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors
An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits.
Microsoft Releases Emergency Fixes for Windows Server, VPN Bugs
Microsoft has released emergency out-of-band (OOB) updates to address multiple issues caused by Windows Updates issued during the January 2021 Patch Tuesday.
Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts
Cybersecurity researchers have disclosed details of a now-patched bug in Box's multi-factor authentication (MFA) mechanism that could be abused to completely sidestep SMS-based login verification.
New White Rabbit Ransomware Linked to FIN8 Hacking Group
A new ransomware family called 'White Rabbit' appeared in the wild recently, and according to recent research findings, could be a side-operation of the FIN8 hacking group.
Microsoft: SolarWinds Fixes Serv-U Bug Exploited for Log4j Attacks
SolarWinds has patched a Serv-U vulnerability discovered by Microsoft that threat actors actively used to propagate Log4j attacks to internal devices on a network.
483 Crypto.com Accounts Compromised in $34 Million Hack
Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts. Although, the company's CEO stresses that customer funds are not at risk.
FBI Lnks Diavol Ransomware to the TrickBot Cybercrime Group
The FBI has formally linked the Diavol ransomware operation to the TrickBot Group, the malware developers behind the notorious TrickBot banking trojan.
Sign up for the e-mail list to be informed about the developments in the cyber world and to be informed about the weekly newsletter.
Haber bültenine kaydolduğunuz için teşekkürler!
Something went wrong.