Phishing and malware actors abuse Google Forms for credentials, data exfiltration

Credit to Author: gallagherseanm | Date: Thu, 23 Sep 2021 12:30:05 +0000

Earlier this year as we researched malware use of Transport Layer Security-based communications to conceal command and control traffic and downloads, we found a disproportionate amount of traffic going to Google cloud services. Among the destinations we found in telemetry were a host of Google Forms pages. The abuse of legitimate public cloud services by […]

Fake pirated software sites serve up malware droppers as a service

Credit to Author: gallagherseanm | Date: Wed, 01 Sep 2021 12:30:43 +0000

Sites advertising “cracked” software packages lead into a network that serves up downloads full of malware instead.

LockFile ransomware’s box of tricks: intermittent encryption and evasion

Credit to Author: Mark Loman | Date: Fri, 27 Aug 2021 20:04:15 +0000

A new ransomware family leveraging the ProxyShell attack uses intermittent encryption of files in an attempt to defeat detection by anti-ransomware tools.

Microsoft pushes fixes for 44 more vulnerabilities in August Patch Tuesday update

Credit to Author: gallagherseanm | Date: Tue, 10 Aug 2021 17:22:49 +0000

A publicly-disclosed remote Print Spooler exploit, and bugs in JScript and NFS, lead the list of the most concerning CVEs.

Trash Panda as a Service: Raccoon Stealer steals cookies, cryptocoins, and more

Credit to Author: Yusuf Polat | Date: Tue, 03 Aug 2021 12:30:29 +0000

Cookie and credential stealing malware-as-a-service delivered by dropper-as-a-service now packs a “clipper” to steal crypto-transactions, and can drop other malware.
