Cyber security aggregate rss news

Cyber security aggregator - feeds history

totals: cyware (3) packetstormsecurity (1)

Avoid Using Wildcard TLS Certificates, Warns NSA

cyware Oct 17, 2021 Security Tips and Advice

The NSA clued in organizations against the use of wildcard TLS certificates that may lead to a widespread attack on an organization, as well as invite the new ALPACA TLS attack. According to researchers, around 119,000 web servers are still exposed to the new ALPACA attacks.

Fake Android Apps Steal Credentials from Japanese Telecom Users

cyware Oct 17, 2021 Malware and Vulnerabilities

An Android-based phishing campaign was observed targeting customers of telecommunication services based in Japan. The malware-laced fake app steals credentials and session cookies. Experts recommend bypass such risks by avoiding apps downloads from unknown third-party stores.

TrickBot’s FIN12 is Claiming Victims at Higher Rate

cyware Oct 17, 2021 Threat Actors

New Mandiant report claims FIN12 has been dropping Ryuk ransomware rapidly across multiple sectors, with one in five victims in the healthcare sector. It targets organizations that have annual revenues over $300 million, with an average of almost $6 billion. The report found that the average time FIN12 spends on the victim network is reducing each year.