First malware discovered targeting Windows Server containers
Security experts said they’ve discovered the first known malware strain that targets and then escapes Windows Server containers in order to infect a victim’s Kubernetes cluster infrastructure.
Live streams go down across Cox radio & TV stations in apparent ransomware attack
Live streams for radio and TV stations owned by the Cox Media Group, one of the largest media conglomerates in the US, have gone down earlier today in what multiple sources have described as a ransomware attack.
Google to warn of Chrome extensions from new or untrusted developers
Google says it will scan the extensions users install in their Chrome browsers and warn users if they are adding an extension from a new or untrusted developer.
Microsoft will add an HTTP-to-HTTPS mode in Edge
Microsoft announced this week plans to add a feature called “Automatic HTTPS” to its Edge browser, a feature that will automatically switch the user’s connection from HTTP to HTTPS.
Zerodium acquiring zero-days in Pidgin, an IM client popular with cybercriminals
Exploit broker Zerodium announced plans today to pay up to $100,000 for zero-days in Pidgin, a multi-protocol instant messaging desktop client and a popular IM tool used in cybercriminal circles.
TeamTNT botnet makes 50,000 victims over the last three months
TeamTNT, a crypto-mining botnet specialized in infecting misconfigured Docker and Kubernetes platforms, has compromised more than 50,000 systems over the last three months, between March and May 2021, security firm Trend Micro said last week.
Faulty emailing tool prevented Accellion from notifying customers of attacks
Efforts to patch a zero-day vulnerability in Accellion file-sharing servers that was actively exploited by hackers last year were hindered by a faulty emailing tool that delayed crucial customer notifications for days, allowing the attackers to wreak havoc among Accellion devices.
NSA spied on European politicians through Danish telecommunications hub
Denmark’s foreign secret service allowed the US National Security Agency to tap into a crucial internet and telecommunications hub in Denmark and spy on the communications of European politicians, a joint investigation by some of Europe’s biggest news agencies revealed on Sunday.
PoC published for new Microsoft PatchGuard (KPP) bypass
A security researcher has discovered a bug in PatchGuard––a crucial Windows security feature––that can allow threat actors to load unsigned (malicious) code into the Windows operating system kernel.