TRU Security

Notepad++, one of the most popular, and free, text and source code editors for Windows systems, is being used by attackers to distribute malware.

The notorious Emotet malware, which recently returned from a hiatus after its botnet was dismantled by a joint task force early this year, has begun installing Cobalt Strike directly — a deviation from its typical tactic of installing a trojan like TrickBot or Qbot and then delivering Cobalt Strike through it.

Late last week, a critical zero-day vulnerability in the popular Java logging library Log4j surfaced when attackers were observed exploiting Minecraft servers via the game’s chat box. It has since become clear that the vulnerability in question poses perhaps the largest security threat we’ve seen in years.Details are still unfolding, but here’s what we know now.

A critical remote code execution (RCE) vulnerability (CVE-2021-44228) in the Log4j Java library is affecting most Java applications, including VMWare vCenter, Minecraft, Twitter, iCloud, and ElasticSearch.

A recent report from the FBI shows that Cuba ransomware has scored at least $43.9 million in total ransom payments after successful attacks on 49 different targets in five critical infrastructure sectors.

Fear of the recent Omicron COVID-19 variant is providing fuel for phishing threats — like one U.K.-based campaign that makes use of a fake NHS website.

Shortly after Trickbot was observed dropping an updated version of the Emotet botnet malware, Windows Defender began incorrectly reporting certain executables and Microsoft Office documents as Emotet payloads.