INFORMATION SYSTEMS MADE SIMPLE
- New RedAlert Ransomware targets Windows, Linux VMware ESXi serversby Lawrence Abrams on July 5, 2022 at 10:20 pm
A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks. [...]
- Microsoft Azure now has confidential VMs with ephemeral storageby Sergiu Gatlan on July 5, 2022 at 7:40 pm
Microsoft has expanded its confidential computing offering and is now allowing Azure cloud computing service customers to create hardware isolated virtual machines (aka confidential VMs) with Ephemeral OS disks. [...]
- NPM supply-chain attack impacts hundreds of websites and appsby Sergiu Gatlan on July 5, 2022 at 5:55 pm
An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise hundreds of downstream desktop apps and websites. [...]
- Microsoft quietly fixes ShadowCoerce Windows NTLM Relay bugby Sergiu Gatlan on July 5, 2022 at 4:17 pm
Microsoft has confirmed it fixed a previously disclosed 'ShadowCoerce' vulnerability as part of the June 2022 updates that enabled attackers to target Windows servers in NTLM relay attacks. [...]
- AstraLocker ransomware shuts down and releases decryptorsby Sergiu Gatlan on July 4, 2022 at 6:15 pm
The threat actor behind the lesser-known AstraLocker ransomware told BleepingComputer they're shutting down the operation and plan to switch to cryptojacking. [...]
- Google patches new Chrome zero-day flaw exploited in attacksby Sergiu Gatlan on July 4, 2022 at 5:56 pm
Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild, the fourth Chrome zero-day patched in 2022. [...]