Daily Cyber Brief
A phishing attack leads to millions stolen from Uniswap users, CISA orders agencies to patch Windows 0-days, and the head of the European Central Bank was targeted in a hacking attempt...
Cybersecurity
The global internet—a vast matrix of telecommunications, fiber optics, and satellite networks—is in large part a creation of the United States. The technologies that underpin the internet grew out of federal research projects, and U.S. companies innovated, commercialized…
In January 2022, a new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands…
A new data extortion group has been breaching companies to steal confidential information, threatening victims to make the files publicly available unless they pay a ransom. The gang received the name Luna Moth and has been active since at least March in phishing…
A phishing attack on users of Uniswap, a decentralized cryptocurrency exchange, has caused millions of dollars in losses. The incident first came to light on Monday when Binance CEO Changpeng Zhao said his threat intelligence team “detected a potential exploit on Uniswap…
Microsoft today released patches for 84 vulnerabilities across its product categories, including one bug now actively exploited and four that the company rated as critical severity. The July security update also includes fixes for four elevation of privilege vulnerabilities in the…
CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild. This high severity security flaw (tracked as CVE-2022-22047) impacts both server and client Windows…
Victims instructed to make a phone call that will direct them to a link for downloading malware. A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download…
Microsoft says a massive series of phishing attacks has targeted more than 10,000 organizations starting with September 2021, using the gained access to victims' mailboxes in follow-on business email compromise (BEC) attacks. The threat actors used landing pages…
The European Central Bank said Tuesday that its president, Christine Lagarde, was targeted in a hacking attempt but no information was compromised. The attempt took place “recently,” the Frankfurt-based central bank for the 19 countries that use the euro said in an…
US government contractor Aerojet Rocketdyne has paid a $9m settlement after allegations that it misrepresented its compliance with US government security requirements. The El Segundo, California, company violated the False Claims Act, according to allegations…