Posts - The Heimdal Security Blog

Signal App Safety Numbers Remain Unchanged

When Reinstalling the Signal App or Switching Over to a New Device, the Signal SN May Not Always Change.

FreakOut Malware Adds New Functionalities

Windows and Linux Devices Are Now Being Targeted by A Multi-Platform Python-Based Malware That Has Been Upgraded to Worm Its Way into Internet-Exposed VMware vCenter Servers.

Cybersecurity News | Quick Read

A 55-year Old Latvian Woman Accused of Deploying Trickbot Malware

US Justice Department Accused Her of Developing Malicious Software that Infected Devices Globally and Robed Bank Accounts of Millions of Dollars.

Cybersecurity News | Quick Read

Colonial Pipeline Ransomware Lures Are Used in Phishing Attacks

The Ransomware Attack on Colonial Pipeline Helped a Threat Actor to Create a New Phishing Lure Able to Trick Victims Into Downloading Malicious Files.

Cybersecurity News | Quick Read

New Evil Corp Ransomware Bypasses OFAC Sanctions by Mimicking PayloadBin Gang

PayloadBIN Has Been Linked to the Evil Corp Cybercrime Gang Who Uses It to Avoid Sanctions Imposed by the Treasury Department’s Office of Foreign Assets Control.

Cybersecurity News | Quick Read

Severe RCE Vulnerability in VMware vCenter Server Is Under Attack

VMware Clients Are Also Urged to Patch ASAP to Prevent Future Ransomware Attacks Targeting Vulnerable Center Servers.

Cybersecurity News | Quick Read

Scripps Health Is Notifying Patients Regarding a Data Breach After a Ransomware Attack

The Nonprofit Healthcare Provider Suffered a Data Breach That Left Exposed Patient Information After Suffering a Ransomware Attack.

Cybersecurity News | Quick Read

SkinnyBoy Malware Is Used by Russian Hackers to Breach Sensitive Organisations

New Malware Called Skinnyboy Was Used in Spear-Phishing Campaigns Attributed to Russian-Speaking Hacking Group APT28.

Cybersecurity News | Quick Read

UF Health Central Florida Affected by Ransomware Attack

Following the Attack, they Close Down Parts of their Networks to Avert Further Damage to their Organization.

Cybersecurity News | Quick Read

The Largest Ferry Service from Massachusetts Was Hit by a Ransomware Attack

The Steamship Authority Was hit by a Ransomware Attack Which Led to Ticketing and Reservation Disruptions.

Cybersecurity News | Quick Read

Hackers Linked to the Chinese Government Attacked the NYC MTA’s Computer Systems

MTA Say Riders Were Never at Risk, and Probably No Passenger or Employee Data Was Compromised.

Cybersecurity News | Quick Read

ARIN to Take Down Its RPKI for 30 Minutes to Test BGP Routes

The American Registry for Internet Numbers Will Perform an Unannounced Maintenance of Its RPKI to Check if Networks Are Adhering to BGP Best Practices.

Cybersecurity News | Quick Read

ASD Is Using Confidential Capabilities to Alert Local Companies of Imminent Ransomware Attack

Following the Channel Nine Attack, the Agency Says Two Other Entities Are About to Suffer a Ransomware Attack as Well.

Cybersecurity News | Quick Read

REvil Ransomware Responsible for the JBS Attack, FBI Says

The Agency Revealed in A Statement That It Is Working to Bring the Threat Actors to Justice.

Cybersecurity News | Quick Read

FUJIFILM Had Shut Down Its Network After a Suspected Ransomware Attack

The Company Is Investigating a Ransomware Attack and Decided to Shut Down Parts of Its Network in Order to Prevent the Attack’s Spread.

Cybersecurity News | Quick Read

Huawei USB LTE Dongles Are Prone to Attacks Due to A Privilege Escalation Flaw

According to Cybersecurity Analysts, Threat Actors Can Exploit This Vulnerability to Launch Privilege Escalation Attacks.

Cybersecurity News | Quick Read

Russian Forum Initiates Competition for New Methods to Steal Digital Resources

The Award for the “Best” Research Consists of $100,000 in Prizes.

Cybersecurity News | Quick Read

Threat Actors‌ ‌Are Actively‌ ‌Exploiting‌ ‌Zero Day‌ Vulnerability ‌in WordPress Plugin

This Zero Day Vulnerability Could Allow Attackers to Upload Executable PHP Files to Any Site with the Plugin Installed.

Cybersecurity News | Quick Read

Health Agency from Sweden Closes SmiNet after Multiple Hacking Attempts

The Swedish Public Health Agency – Folkhälsomyndigheten Shut Down SmiNet, the Country’s Infectious Diseases Database.

Cybersecurity News | Quick Read

Internet Domains Used by APT29 in Phishing Attacks Seized by the US

Two Internet Domains Used by Nobelium in Recent USAID Phishing Attacks Were Seized by the US Department of Justice.

Cybersecurity News | Quick Read

World’s Largest Meat Processing Company JBS Hit by Cyberattack

It Is Believed that Russian Threat Actors Are Behind the JBS Ransomware Attack.

Cybersecurity News | Quick Read

Epsilon Red Ransomware Goes After Unpatched Microsoft Exchange Servers

Ransomware Threat Red Epsilon Has Been Leveraging Microsoft Exchange Server Vulnerabilities to Encrypt Machines Across the Network.

Cybersecurity News | Quick Read

Russian Hackers Are Using 4 New Malware Families

A Russian Hacking Group Has Used New Malware Families in Recent Phishing Attacks Impersonating the United States Agency for International Development (USAID).

Cybersecurity News | Quick Read

Scam Alert! Unsubscribe Spam Emails Used by Spammers to Confirm Legitimate Email Accounts

These Unsubscribe Emails Only Cause Further Spam.

Cybersecurity News | Quick Read

Phishing Victims are Urged to Send their Mailing Address to Hackers Posing as Walmart

“We Were Not Able to Deliver Your Postal Package in Time Because Your Address Is Not Correct “, the Email Reads.

Cybersecurity Basics | Quick Read

What Is CERT in Security and Why Do You Need It?

A Brief History of CERT. The Role of CERT in Information Security.