A report recently released by Kaspersky Labs has detailed a threat actor making use of a CLFS (Common Log File System) exploit to escalate privileges. The group Kaspersky attributed to this attack is well known for its many distinct but similar CLFS driver exploits that likely come from the same exploit developer. Kaspersky’s working theory […] The post Nokoyawa Ransomware Attacks Leveraging Windows Zero Day appeared first on Binary Defense ..read more

The enterprise software vendor SAP has released several security updates for its products, two of which concern critical-severity vulnerabilities that impact the SAP Diagnostics Agent and the SAP BusinessObjects Business Intelligence Platform. SAP is the largest Enterprise Resource Planning (ERP) vendor in the world with over 425,000 customers in 180 countries. Over 90% of the […] The post Two Critical-Severity Vulnerabilities Patched in Latest Security Updates from SAP appeared first on Binary Defense ..read more

Last week Checkmarx Security detailed the attack that led to a temporary Denial of Service (DoS) on the Node.js package repository npm in March. Threat actors uploaded hundreds of thousands of fake packages in a type of SEO-poisoning attack that relies on the reputation of package managers to place the bogus packages at the top […] The post Deluge of Fake Packages Cause DoS Attack on npm appeared first on Binary Defense ..read more

According to a recent report from Kaspersky, criminals are trading malicious loader programs that can trojanize Android applications to evade Google Play Store defenses. These loader programs are particularly popular for hiding malware and unwanted software in certain application categories, including cryptocurrency trackers, financial apps, QR-code scanners, and dating apps. Dropper apps are the primary […] The post Evading Google Play Store Defenses: Criminals Trading Malicious Android Loaders appeared first on Binary Defense ..read more

Yum Brands, the parent company of popular fast-food chains KFC, Pizza Hut, and Taco Bell, has disclosed a data breach after a ransomware attack on its systems. The company, which operates more than 50,000 restaurants in over 150 countries, said the breach occurred in late May 2021 and was discovered during an investigation into the […] The post Yum Brands Reports Breach After Ransomware Attack appeared first on Binary Defense ..read more

In order to address two actively exploited zero-day vulnerabilities discovered by Google’s Threat Analysis Group and Amnesty International’s Security Lab that also affect earlier iPhones, iPads, and Macs, Apple has published emergency updates to backport security patches that were announced on Friday. Apple stated in security advisories posted on Monday that it was “aware of […] The post Apple Releases Emergency Updates For Older iOS Devices After Recent Discovery Of Zero-Day Vulnerabilities appeared first on Binary Defense ..read more

Over the past week, Israel has experienced significant cyber attacks on the Israel Post and irrigation systems in the North. The Israel Postal Company detected and prevented an attack on their computer servers by a “hostile party” and shut down part of their systems in response. This did not affect banking services, which operate on […] The post Various Industries in Israel Dealing with Cyber Issues appeared first on Binary Defense ..read more

A threat group known as ARES is becoming well-known on the cybercrime scene due to selling and leaking databases stolen from businesses and government agencies. The actor first appeared on Telegram in late 2021 and has since been linked to the RansomHouse ransomware operation, the KelvinSecurity data leak platform, and the network access group Adrastea. […] The post Breached Shutdown Triggers Shift to ARES Data Leak Forums appeared first on Binary Defense ..read more

The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That’s according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in partnership with another emerging activity cluster dubbed DEV-1084. MuddyWater is the […] The post Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise appeared first on Binary Defense ..read more

A coordinated international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms. Coinciding with the infrastructure seizure, the major crackdown, which involved authorities from 17 countries, culminated in 119 arrests and 208 property searches in 13 […] The post FBI Cracks Down on Genesis Market appeared first on Binary Defense ..read more