BOCRA website




New Clicker Android Malware Infects 20 Million Users

                                                     LATEST CYBER HACKS 


Spikes in Cyberattacks Against Open-Source Repositories

A recent report has disclosed that there has been a tremendous growth of 633% (year-over-year) in cyber-attacks on open-source repositories. This sharp rise goes viz-a-viz with the trend of a boom in the adoption of open-source repos among enterprises.


Exploited Windows zero-day lets JavaScript files bypass security warnings

A new Windows zero-day allows threat actors to use malicious stand-alone JavaScript files to bypass Mark-of-the-Web security warnings. Threat actors are already seen using the zero-day bug in ransomware attacks.


EnergyAustralia latest to be hit by cyber-attack as details of hundreds of customers exposed

EnergyAustralia has become the latest company to be targeted by a cyber-attack, with hundreds of customers’ details exposed.

In a statement released late on Friday, the electricity company said 323 residential and small business customers were affected by unauthorised access to their online platform, My Account.



Vulnerabilities in Cisco Identity Services Engine require your attention (CVE-2022-20822, CVE-2022-20959)

Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to read and delete files on an affected device, and to execute arbitrary script or access sensitive information


Security experts targeted with malicious CVE PoC        exploits on GitHub

The experts analyzed PoCs shared on GitHub for known vulnerabilities discovered in 2017-2021, some of these repositories were used by threat actors to spread malware.The experts pointed out that public code repositories do not provide any guarantees that any given PoC comes from a trustworthy source.



LockBit Ransomware - The Most Active Global Threat

One of the most popular and sophisticated threats, LockBit (a RaaS group), has maintained its position of being a leader in ransomware threats. Each of its variants, namely LockBit 1.0, LockBit 2.0 and LockBit 3.0, has caused grave damage and impact during its malicious campaigns, and it continues to do so.


A Worrisome Surge in DeadBolt Ransomware Attacks

Researchers have observed a spike in cyberattacks by Deadbolt ransomware on NAS devices around the globe. With these attacks, it is extorting not just the end customers but the NAS vendors, such as QNAP.



Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware

The notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage of password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems.


                               GENERAL NEWS


2FA is over. Long live 3FA!

In the past few months, we’ve seen an unprecedented number of identity theft attacks targeting accounts protected by two-factor authentication (2FA), challenging the perception that existing 2FA solutions provide adequate protection against identity theft attacks. The recent Uber breach is just one example, but we see many campaigns circumventing 2FA on various platforms.


Starting in Cybersecurity? Get lifetime access to Infosec4TC for just $69

New cyber threats are identified practically every day. In order to stay ahead, it’s necessary for cybersecurity professionals to retrain often — Which is obviously time intensive and expensive. So we’re offering Infosec4TC Platinum Memberships this week at a severely discounted price so it’s easier than ever to keep abreast of the latest developments.