This is interesting… could this all have really been from a password reuse on Constant Contact from a breached site?

Cracking breached password hashes and trying associated passwords from other breached sites are attacks that scale and work exceedingly well…dinodaizovi – Twitter – May 29 2021 19:01This is interesting… could this all have really been from a password reuse on Constant Contact from a breached site?

Cracking breached password hashes and trying associated passwords from other breached sites are attacks that scale and work…

Ransomware forced Bose systems offline, exposed personal data of 6 former employees

hxxps://www[.]cyberscoop[.]com/bose-ransomware-hack-letter/ hxxps://twitter[.]com/CyberScoopNews/status/1398761582885232641/photo/1CyberScoopNews – Twitter – May 29 2021 22:02Ransomware forced Bose systems offline, exposed personal data of 6 former employees

hxxps://www[.]cyberscoop[.]com/bose-ransomware-hack-letter/ hxxps://twitter[.]com/CyberScoopNews/status/1398761582885232641/photo/1

Data leakage incidents are making daily headlines. Should you worry?

Start with the basics. Check our our guide to understand what a #DataBreach is, how to prevent it from happening and what protections to implement ➡ hxxps://okt[.]to/9FuMbS hxxps://twitter[.]com/Imperva/status/1398754785071935495/photo/1Imperva – Twitter – May 29 2021 21:35Data leakage incidents are making daily headlines. Should you worry?

Start with the basics. Check our our guide to understand what a #DataBreach is, how to prevent it from happening and what protections to implement ➡ hxxps://okt[.]to/9FuMbS…

UMD-Baltimore updates Accellion breach notification after finding PII and PHI involvedOffice of Inadequate Security – May 29 2021 11:51On April 1, DataBreaches[.]net reported that the University of Maryland, Baltimore was one of the educational entities…

The Anonymous Indonesia News Daily is out! hxxps://paper[.]li/anon_indonesia/1435572762?edition_id=74293430-c0f5-11eb-ae66-fa163e6ccaffanon_indonesia – Twitter – May 30 2021 03:16The Anonymous Indonesia News Daily is out! hxxps://paper[.]li/anon_indonesia/1435572762?edition_id=74293430-c0f5-11eb-ae66-fa163e6ccaff

Breaking down NOBELIUM’s latest early-stage toolset – Microsoft SecurityReddit – BlueTeamSec – RSS – May 29 2021 07:56submitted by /u/darronofsky [link]…

Microsoft warns of current Nobelium phishing campaign impersonating USAID hxxps://www[.]zdnet[.]com/article/microsoft-warns-of-current-nobelium-phishing-campaign-impersonating-usaid/?ftag=COS-05-10aaa0g&taid=60b1fb91b08c4b000174572e&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitterZDNet – Twitter – May 29 2021 08:30Microsoft warns of current Nobelium phishing campaign impersonating USAID…

RT @MsftSecIntel: Microsoft continues to monitor the active email-based attack from NOBELIUM. In a new blog post, we highlight four tools representing a unique infection chain utilized by NOBELIUM: EnvyScout, BoomBox, NativeZone, and VaporRage. hxxps://msft[.]it/6010VNMOpbartblaze – Twitter – May 29 2021 10:47RT @MsftSecIntel: Microsoft continues to monitor the active email-based attack from NOBELIUM. In a new blog post, we highlight four tools representing a unique infection chain utilized by NOBELIUM: EnvyScout, BoomBox, NativeZone, and VaporRage….

Qakbot marches oncurtw – Twitter – May 29 2021 16:28Qakbot marches on

The smallest ransom amount we seen someone paid to REvil ransomware gang this year was ~$500 worth XMR.malwrhunterteam – Twitter – May 29 2021 17:27The smallest ransom amount we seen someone paid to REvil ransomware gang this year was ~$500 worth XMR.

RT @malwrhunterteam: “Prometheus – group of REvil”
After going for at least a bit more than a month already it seems, still not a single mention about this ransomware group…
🤔
cc @VK_Intel @demonslay335 hxxps://twitter[.]com/malwrhunterteam/status/1387159591264346113/photo/1JAMESWT_MHT – Twitter – May 29 2021 10:36RT @malwrhunterteam: "Prometheus – group of REvil"
After going for at least a bit more than a month already it seems, still not a single mention about this ransomware group…
🤔
cc @VK_Intel @demonslay335…

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack – Malwarebytes Labs | Malwarebytes Labs hxxps://blog[.]malwarebytes[.]com/threat-spotlight/2021/05/threat-spotlight-conti-the-ransomware-used-in-the-hse-healthcare-attack/Securityblog – Twitter – May 29 2021 17:38Threat spotlight: Conti, the ransomware used in the HSE healthcare attack – Malwarebytes Labs | Malwarebytes Labs hxxps://blog[.]malwarebytes[.]com/threat-spotlight/2021/05/threat-spotlight-conti-the-ransomware-used-in-the-hse-healthcare-attack/

CVE-2021-33564 An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The pro… hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-33564CVEnew – Twitter – May 29 2021 14:45CVE-2021-33564 An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The…

Siemens Patches Major PLC Flaw that Bypasses Its … hxxps://www[.]darkreading[.]com/physical-security/siemens-patches-major-plc-flaw-that-bypasses-its-sandbox-protection/d/d-id/1341161Securityblog – Twitter – May 29 2021 17:35Siemens Patches Major PLC Flaw that Bypasses Its … hxxps://www[.]darkreading[.]com/physical-security/siemens-patches-major-plc-flaw-that-bypasses-its-sandbox-protection/d/d-id/1341161

CVE-2021-31703 Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-31703CVEnew – Twitter – May 29 2021 14:45CVE-2021-31703 Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-31703

CVE-2021-30461 A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration[.]php. hxxps://cve[.]mitre[.]org/cgi-bin/cvename.cgi?name=CVE-2021-30461CVEnew – Twitter – May 29 2021 13:45CVE-2021-30461 A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration[.]php….

Mexican Lottery Blocks Access to Foreign IPs Following Avaddon Ransomware AttackTechNadu – May 29 2021 09:03Avaddon hit the Mexican state lottery agency and is already leaking sensitive documents on the site. The government responded by blocking access to all foreign IP addresses, hoping to defend against subsequent DDoS attacks. As it seems to be the case,…

GitHub – YiZeng623/frequency-backdoor: We find most existing triggers of backdoor attacks in deep learning contain severe artifacts in the frequency domain. This Repo. explores how we can use these artifacts to develop stronger backdoor defenses and attack hxxps://github[.]com/YiZeng623/frequency-backdoorSecurityblog – Twitter – May 29 2021 17:43GitHub – YiZeng623/frequency-backdoor: We find most existing triggers of backdoor attacks in deep learning contain severe artifacts in the frequency domain. This Repo. explores how we can use these artifacts to develop stronger backdoor defenses and…

Beware: Walmart phishing attack says your package was not deliveredBleepingComputer.com – May 29 2021 18:41A Walmart phishing campaign is underway that attempts to steal your personal information and verifies your email for further phishing attacks. […]

Security News in Review: SolarWinds Threat Group Launches New Phishing CampaignSecurity Bloggers Network – May 29 2021 13:35…