Quickbooks malware targets tax data for attackers to sell and use in phishing scams.
Cybercriminals are ready for tax season with new malware designed to exfiltrate Quickbooks data and post it on the internet, according to a new report from ThreatLocker.
Attackers use email to deliver the malware, which the ThreatLocker’s CEO Danny Jenkins told Threatpost is a simple, 15-line piece of code. There are two specific methods attackers used to get the malware to targets: The first is to send a PowerShell command to exfiltrate the data; and the second is to use a Word document to deliver a link or macro to retrieve a file.
Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.
The Mozilla Foundation has released its latest version of the Firefox browser, which comes with new privacy protections to squash cross-site cookie tracking, as well as a slew of security vulnerability fixes.
Firefox 86, released on Tuesday, includes what it touts as a privacy-bolstering feature called Total Cookie Protection. This new feature isolates each cookie assigned by each website – preventing websites from tracking internet users in an invasive, cross-site manner.
“Total Cookie Protection confines cookies to the site where they were created, which prevents tracking companies from using these cookies to track your browsing from site to site,” said Tim Huang, Johann Hofmann and Arthur Edelstein with Mozilla on Tuesday.
minute read
Share this article:
Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
A critical vulnerability in Cisco Systems’ intersite policy manager software could allow a remote attacker to bypass authentication.
The vulnerability is one of three critical flaws fixed by Cisco on this week. It exists in Cisco’s ACI Multi-Site Orchestrator (ACI MSO) this is Cisco’s management software for businesses, which allows them to monitor the health of all interconnected policy-management sites.
The flaw stems from improper token validation on an API endpoint in Cisco’s ACI MSO.
The hotly anticipated GeForce RTX 3060, a ray-tracing-friendly, advanced gaming graphics chip, will also throttle Ethereum mining.
Nvidia, the chip company known for its gaming-friendly graphical processing units (GPUs), said that its hotly anticipated GeForce RTX 3060 chipset, launching Thursday, has an added bonus of thwarting crypto-mining. Experts applaud the effort, but are skeptical the move will take the bullseye off the backs of gamers and their computer rigs.
“With the launch of GeForce RTX 3060 on Feb. 25, we’re taking an important step,” the company said in a statement. “RTX 3060 software drivers are designed to detect specific attributes of the Ethereum cryptocurrency mining algorithm, and limit the hash rate, or cryptocurrency mining efficiency, by around 50 percent.”
minute read
Share this article:
As more organizations migrate to Office 365, cybercriminals are using Outlook, Teams and other Microsoft-themed phishing lures to swipe user credentials.
Almost half of phishing attacks in 2020 aimed to swipe credentials using Microsoft-related lures – from the Office 365 enterprise service lineup to its Teams collaboration platform.
According to a Tuesday report by Cofense, which analyzed millions of emails related to various attacks, 57 percent were phishing emails aiming to steal victim usernames and passwords. The remainder of malicious emails were utilized in business email compromise (BEC) attacks or for malware delivery.
Of those phishing emails, 45 percent were Microsoft-themed, said researchers: Cybercriminals are both relying on Microsoft-themed lures for their emails, as well as using ensuing phishing landing pages that either spoof or leverage legitimate Microsoft domains or services.