Sign up to save your podcasts
Or
Share QNAP Calls Checkmate, Fake Google Delivers HavanaCrypt, Node.js Patch, and more.
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
QNAP Calls Checkmate, Fake Google Delivers HavanaCrypt, Node.js Patch, and more.
A daily look at the relevant information security news from overnight - 08 July, 2022
Episode 261 - 08 July 2022
QNAP Calls Checkmate- https://www.bleepingcomputer.com/news/security/qnap-warns-of-new-checkmate-ransomware-targeting-nas-devices/
Fake Google Delivers HavanaCrypt -
https://www.securityweek.com/new-havanacrypt-ransomware-distributed-fake-google-software-update
IcedID on Yandex -
https://www.bleepingcomputer.com/news/security/fake-copyright-complaints-push-icedid-malware-using-yandex-forms/
ABCsoup Browser- https://thehackernews.com/2022/07/experts-uncover-350-browser-extension.html
Node.js Patch -
https://portswigger.net/daily-swig/node-js-fixes-multiple-bugs-that-could-lead-to-rce-http-request-smuggling
Hi, I’m Paul Torgersen. It’s Friday July 8th 2022, and this is a look at the information security news from overnight.
From BleepingComputer.com
QNAP is warning customers to secure their network attached storage devices against attacks using Checkmate ransomware. The company says the attacks are focused on Internet-exposed devices with the SMB service enabled, and accounts with weak passwords that can be cracked in brute-force, or dictionary attacks. Ransom notes seen so far put the price tag of the decryptor at about $15,000 of bitcoin.
From SecurityWeek.com:
Security researchers have identified a new ransomware family called HavanaCrypt, that is being delivered as a fake Google Software Update application. The ransomware performs multiple anti-virtualization checks and uses a Microsoft web hosting service IP address for its C2 server, which helps it to evade detection. More details in the article.
From BleepingComputer.com:
Website owners are being targeted with fake copyright infringement complaints to distribute the IcedID banking malware, as well as the BazarLoader and BumbleBee loaders. Instead of using Google Drive or Google Sites to host their alleged reports, this time around the threat actors are using Yandex Forms. Details in the article.
From TheHackerNews.com
Researchers uncovered a malicious browser extension with 350 variants that is masquerading as a Google Translate add-on. The malware family, dubbed ABCsoup, is part of an adware campaign targeting Russian users of Chrome, Opera, and Firefox browsers. The threat group appears to be well organized and originating out of Eastern Europe or Russia.
And last today, from PortSwigger.net
The maintainers of Node.js have released multiple fixes for vulnerabilities in the JavaScript runtime environment. Exploitation of the seven newly patched bugs could lead to arbitrary code execution and HTTP request smuggling, among other attacks. The flaws impact all versions of the 18.x, 16.x and 14.x releases. Get your patch on kids.
That’s all for me this week. Have a fantastic weekend. Like and subscribe, and until next time, be safe out there.
Episode 261 - 08 July 2022
QNAP Calls Checkmate- https://www.bleepingcomputer.com/news/security/qnap-warns-of-new-checkmate-ransomware-targeting-nas-devices/
Fake Google Delivers HavanaCrypt -
https://www.securityweek.com/new-havanacrypt-ransomware-distributed-fake-google-software-update
IcedID on Yandex -
https://www.bleepingcomputer.com/news/security/fake-copyright-complaints-push-icedid-malware-using-yandex-forms/
ABCsoup Browser- https://thehackernews.com/2022/07/experts-uncover-350-browser-extension.html
Node.js Patch -
https://portswigger.net/daily-swig/node-js-fixes-multiple-bugs-that-could-lead-to-rce-http-request-smuggling
Hi, I’m Paul Torgersen. It’s Friday July 8th 2022, and this is a look at the information security news from overnight.
From BleepingComputer.com
QNAP is warning customers to secure their network attached storage devices against attacks using Checkmate ransomware. The company says the attacks are focused on Internet-exposed devices with the SMB service enabled, and accounts with weak passwords that can be cracked in brute-force, or dictionary attacks. Ransom notes seen so far put the price tag of the decryptor at about $15,000 of bitcoin.
From SecurityWeek.com:
Security researchers have identified a new ransomware family called HavanaCrypt, that is being delivered as a fake Google Software Update application. The ransomware performs multiple anti-virtualization checks and uses a Microsoft web hosting service IP address for its C2 server, which helps it to evade detection. More details in the article.
From BleepingComputer.com:
Website owners are being targeted with fake copyright infringement complaints to distribute the IcedID banking malware, as well as the BazarLoader and BumbleBee loaders. Instead of using Google Drive or Google Sites to host their alleged reports, this time around the threat actors are using Yandex Forms. Details in the article.
From TheHackerNews.com
Researchers uncovered a malicious browser extension with 350 variants that is masquerading as a Google Translate add-on. The malware family, dubbed ABCsoup, is part of an adware campaign targeting Russian users of Chrome, Opera, and Firefox browsers. The threat group appears to be well organized and originating out of Eastern Europe or Russia.
And last today, from PortSwigger.net
The maintainers of Node.js have released multiple fixes for vulnerabilities in the JavaScript runtime environment. Exploitation of the seven newly patched bugs could lead to arbitrary code execution and HTTP request smuggling, among other attacks. The flaws impact all versions of the 18.x, 16.x and 14.x releases. Get your patch on kids.
That’s all for me this week. Have a fantastic weekend. Like and subscribe, and until next time, be safe out there.
View all episodes
By Paul TorgersenA daily look at the relevant information security news from overnight - 08 July, 2022
Episode 261 - 08 July 2022
QNAP Calls Checkmate- https://www.bleepingcomputer.com/news/security/qnap-warns-of-new-checkmate-ransomware-targeting-nas-devices/
Fake Google Delivers HavanaCrypt -
https://www.securityweek.com/new-havanacrypt-ransomware-distributed-fake-google-software-update
IcedID on Yandex -
https://www.bleepingcomputer.com/news/security/fake-copyright-complaints-push-icedid-malware-using-yandex-forms/
ABCsoup Browser- https://thehackernews.com/2022/07/experts-uncover-350-browser-extension.html
Node.js Patch -
https://portswigger.net/daily-swig/node-js-fixes-multiple-bugs-that-could-lead-to-rce-http-request-smuggling
Hi, I’m Paul Torgersen. It’s Friday July 8th 2022, and this is a look at the information security news from overnight.
From BleepingComputer.com
QNAP is warning customers to secure their network attached storage devices against attacks using Checkmate ransomware. The company says the attacks are focused on Internet-exposed devices with the SMB service enabled, and accounts with weak passwords that can be cracked in brute-force, or dictionary attacks. Ransom notes seen so far put the price tag of the decryptor at about $15,000 of bitcoin.
From SecurityWeek.com:
Security researchers have identified a new ransomware family called HavanaCrypt, that is being delivered as a fake Google Software Update application. The ransomware performs multiple anti-virtualization checks and uses a Microsoft web hosting service IP address for its C2 server, which helps it to evade detection. More details in the article.
From BleepingComputer.com:
Website owners are being targeted with fake copyright infringement complaints to distribute the IcedID banking malware, as well as the BazarLoader and BumbleBee loaders. Instead of using Google Drive or Google Sites to host their alleged reports, this time around the threat actors are using Yandex Forms. Details in the article.
From TheHackerNews.com
Researchers uncovered a malicious browser extension with 350 variants that is masquerading as a Google Translate add-on. The malware family, dubbed ABCsoup, is part of an adware campaign targeting Russian users of Chrome, Opera, and Firefox browsers. The threat group appears to be well organized and originating out of Eastern Europe or Russia.
And last today, from PortSwigger.net
The maintainers of Node.js have released multiple fixes for vulnerabilities in the JavaScript runtime environment. Exploitation of the seven newly patched bugs could lead to arbitrary code execution and HTTP request smuggling, among other attacks. The flaws impact all versions of the 18.x, 16.x and 14.x releases. Get your patch on kids.
That’s all for me this week. Have a fantastic weekend. Like and subscribe, and until next time, be safe out there.
Episode 261 - 08 July 2022
QNAP Calls Checkmate- https://www.bleepingcomputer.com/news/security/qnap-warns-of-new-checkmate-ransomware-targeting-nas-devices/
Fake Google Delivers HavanaCrypt -
https://www.securityweek.com/new-havanacrypt-ransomware-distributed-fake-google-software-update
IcedID on Yandex -
https://www.bleepingcomputer.com/news/security/fake-copyright-complaints-push-icedid-malware-using-yandex-forms/
ABCsoup Browser- https://thehackernews.com/2022/07/experts-uncover-350-browser-extension.html
Node.js Patch -
https://portswigger.net/daily-swig/node-js-fixes-multiple-bugs-that-could-lead-to-rce-http-request-smuggling
Hi, I’m Paul Torgersen. It’s Friday July 8th 2022, and this is a look at the information security news from overnight.
From BleepingComputer.com
QNAP is warning customers to secure their network attached storage devices against attacks using Checkmate ransomware. The company says the attacks are focused on Internet-exposed devices with the SMB service enabled, and accounts with weak passwords that can be cracked in brute-force, or dictionary attacks. Ransom notes seen so far put the price tag of the decryptor at about $15,000 of bitcoin.
From SecurityWeek.com:
Security researchers have identified a new ransomware family called HavanaCrypt, that is being delivered as a fake Google Software Update application. The ransomware performs multiple anti-virtualization checks and uses a Microsoft web hosting service IP address for its C2 server, which helps it to evade detection. More details in the article.
From BleepingComputer.com:
Website owners are being targeted with fake copyright infringement complaints to distribute the IcedID banking malware, as well as the BazarLoader and BumbleBee loaders. Instead of using Google Drive or Google Sites to host their alleged reports, this time around the threat actors are using Yandex Forms. Details in the article.
From TheHackerNews.com
Researchers uncovered a malicious browser extension with 350 variants that is masquerading as a Google Translate add-on. The malware family, dubbed ABCsoup, is part of an adware campaign targeting Russian users of Chrome, Opera, and Firefox browsers. The threat group appears to be well organized and originating out of Eastern Europe or Russia.
And last today, from PortSwigger.net
The maintainers of Node.js have released multiple fixes for vulnerabilities in the JavaScript runtime environment. Exploitation of the seven newly patched bugs could lead to arbitrary code execution and HTTP request smuggling, among other attacks. The flaws impact all versions of the 18.x, 16.x and 14.x releases. Get your patch on kids.
That’s all for me this week. Have a fantastic weekend. Like and subscribe, and until next time, be safe out there.