Welcome to another Afternoon Dessert breakout:
Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
Microsoft has shed light on four different ransomware families – KeRanger, FileCoder, MacRansom, and EvilQuest – that are known to impact Apple macOS systems.
“While these malware families are old, they exemplify the range of capabilities and malicious behavior possible on the platform,” the tech giant’s Security Threat Intelligence team said in a Thursday report.
The initial vector for these
Dridex Malware Now Attacking macOS Systems with Novel Infection Method
A variant of the infamous Dridex banking malware has set its sights on Apple’s macOS operating system using a previously undocumented infection method, according to latest research.
It has “adopted a new technique to deliver documents embedded with malicious macros to users without having to pretend to be invoices or other business-related files,” Trend Micro researcher Armando Nathaniel
Microsoft shares temporary fix for ODBC database connection issues
Microsoft has released a temporary fix for a known issue impacting Windows apps using ODBC database connections after installing the November 2022 Patch Tuesday updates. […]
Amazon S3 will now encrypt all new data with AES-256 by default
Amazon Simple Storage Service (S3) will now automatically encrypt all new objects added on buckets on the server side, using AES-256 by default. […]
Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN.
The group “primarily targets cloud platforms offering limited-time trials of cloud resources in order to perform their crypto mining operations,” Palo Alto Networks Unit 42
FCC wants telecom carriers to report data breaches faster
The U.S. Federal Communications Commission wants to strengthen federal law enforcement and modernize breach notification requirements for telecommunications companies so that they notify customers of security breaches faster. […]
RSA crypto cracked? Or perhaps not!
Stand down from blue alert, it seems… but why not plan your cryptographic agility anyway?
Follow for more…