NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total downloads over the course of the last few months up until being removed by NPM yesterday. The four packages are: plutov-slack-client - claims to be a … Continue reading NPM nukes NodeJS malware opening Windows, Linux reverse shells
Microsoft has released the October 2020 Office security updates with a total of 24 security updates and 5 cumulative updates for 7 different products, fixing 13 vulnerabilities that could enable remote attackers to execute arbitrary code on vulnerable systems. The highlight of this month's Microsoft Office security updates is without a doubt CVE-2020-16947, a remote … Continue reading Microsoft fixes critical Outlook bug exploitable via preview pane
FIN11, a financially-motivated hacker group with a history starting since at least 2016, has adapted malicious email campaigns to transition to ransomware as the main monetization method. The group runs high-volume operations, lately targeting companies primarily in North America and Europe from almost every industry sector to steal data and to deploy Clop ransomware. Recent … Continue reading FIN11 hackers jump into the ransomware money-making scheme
The destructive worm may have debuted a decade ago, but Stuxnet is still making its presence known. Here are steps you can take to stay safer from similar attacks. Around this time 10 years ago, the Stuxnet worm made its global debut. Unleashed with the intent to destroy the Iranian Bushehr nuclear power plant, the … Continue reading 10 Years Since Stuxnet: Is Your Operational Technology Safe?
Not too long ago, the desktop computer was the primary computing device for enterprise employees. With the rise of mobile endpoints like smartphones, laptops and tablets, employees are connecting to corporate networks from a wide variety of places and devices. Today, especially with the popularity of the WFH (work from home) model, managing the multitude … Continue reading What is mobile device management? MDM explained