Afternoon Dessert – 2022-12-20


Welcome to another Afternoon Dessert breakout:

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service
An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered to other threat actors.
This is based on the different industries and geographies that were attacked, web infrastructure company Akamai said. Notable targets included FiveM and RedM, which are game modifications for Grand Theft Auto V and Red Dead Redemption 2, as well as
Read more….

A Guide to Efficient Patch Management with Action1
It’s no secret that keeping software up to date is one of the key best practices in cybersecurity. Software vulnerabilities are being discovered almost weekly these days. The longer it takes IT teams to apply updates issued by developers to patch these security flaws, the more time attackers have to exploit the underlying vulnerability. Once threat actors gain access to corporate IT ecosystems,
Read more….

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War
The Russia-linked Gamaredon group unsuccessfully attempted to break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war.
The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that’s attributed to Russia’s Federal Security Service (FSB).
Read more….

Raspberry Robin worm drops fake malware to confuse researchers
The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers and evade detection when it detects it’s being run within sandboxes and debugging tools. […]
Read more….

Beware: Cybercriminals Launch New BrasDex Android Trojan Targeting Brazilian Banking Users
The threat actors behind the Windows banking malware known as Casbaneiro have been identified as being behind a novel Android trojan called BrasDex that has been observed targeting Brazilian users as part of an ongoing multi-platform campaign.
BrasDex features a “complex keylogging system designed to abuse Accessibility Services to extract credentials specifically from a set of Brazilian targeted apps,
Read more….

Microsoft dishes the dirt on Apple’s “Achilles heel” shortly after fixing similar Windows bug
It happens to the best of us: Microsoft highlights a security bypass bug on Macs that is curiously similar to a recent Windows 0-day.
Read more….

OneCoin scammer Sebastian Greenwood pleads guilty, “Cryptoqueen” still missing
The Cryptoqueen herself is still missing, but her co-conspirator, who is said to have pocketed over $20m a month, has been convicted.
Read more….

Hackers bombard PyPI platform with information-stealing malware
The PyPI Python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to the platform to steal software developers’ data. […]
Read more….

Follow for more…

