Your weekly top 5 technical and security issues Nerds should pay attention to:
Trickbot—the for-hire botnet Microsoft attacked—is scrambling to stay alive.
Good-ish news for once on this persistent tool so common in ransomware targets. They have a new functional server list, though, so egress control is still the #1 most effective mitigation strategy.
Operators of Trickbot—a for-hire botnet that has infected more than 1 million devices since 2016—are looking for new ways to stay afloat after Microsoft and a host of industry partners took coordinated action to disrupt it last week.
Six Russians accused of the world’s most destructive hacks indicted.
More good news, for now. Remember the NotPetya wiper that caused billions in losses or Ukraine power grid attacks?
Six men accused of carrying out some of the world’s most destructive hacks—including the NotPetya disk wiper and power grid attacks that knocked out electricity for hundreds of thousands of Ukrainians—have been indicted in US federal court.
Adblockers installed 300,000 times are malicious and should be removed now.
Pay attention to which ad blockers you use.
Adblocking extensions with more than 300,000 active users have been surreptitiously uploading user browsing data and tampering with users’ social media accounts thanks to malware its new owner introduced a few weeks ago, according to technical analyses and posts on Github.
Botnet Infects Hundreds of Thousands of Websites.
KashmirBlack has been targeting popular content management systems, such as WordPress, Joomla, and Drupal, and using Dropbox and GitHub for communication to hide its presence.
A botnet focused on cryptomining, spamming, and defacement has infected hundreds of thousands of websites running popular content management systems (CMSes), such as WordPress, Joomla, Magneto, and Drupal, according to online security firm Imperva.
Security Experts Alarmed by ‘Broken’ Cyber Market.
Not surprising, but showcases how large the opportunity is if we simply address clients with whom we have a relationship of trust and confidence.
Product hype and a lack of oversight from senior executives have created a “broken” market in cybersecurity technology, experts say, with urgent action needed from both vendors and customers.