A Census of Deployed Pulse Connect Secure (PCS) Versions
research.nccgroup.com/2021/04/23/a-census-of-deployed-pulse-connect-secure-pcs-versions/ Today we are releasing some statistics around deployment of Pulse Connect Secure versions in the wild. The hope is that by releasing these statistics we can help to highlight the risk around outdated versions of PCS, which are being actively exploited by malicious actors.
Supply chain attack on the password manager Clickstudios – PASSWORDSTATE
www.csis.dk/newsroom-blog-overview/2021/moserpass-supply-chain/ The company ClickStudios recently notified their customers about a breach resulting in a supply chain attack conducted via an update of the password manager PASSWORDSTATE.
HashiCorp is the latest victim of Codecov supply-chain attack
www.bleepingcomputer.com/news/security/hashicorp-is-the-latest-victim-of-codecov-supply-chain-attack/ Open-source software tools and Vault maker HashiCorp disclosed a security incident yesterday that occurred due to the recent Codecov attack.
10,000+ unpatched home alarm systems can be deactivated remotely
therecord.media/10000-unpatched-home-alarm-systems-can-be-deactivated-remotely/ Thousands of ABUS Secvest smart alarm systems are currently unpatched and vulnerable to a bug that would allow miscreants to remotely disable alarm systems and expose homes and corporate headquarters to intrusions and thefts. ABUS patched the bug in January, but three months later, more than 90% of its customers have yet to apply the firmware patch.
Apple’s Ransomware Mess Is the Future of Online Extortion
www.wired.com/story/apple-ransomware-attack-quanta-computer/ This week, hackers stole confidential schematics from a third-party supplier and demanded $50 million not to release them. The connection to Apple and dramatic timing generated buzz about the attack. But it also reflects the confluence of a number of disturbing trends in ransomware. After years of refining their mass data encryption techniques to lock victims out of their own systems, criminal gangs are increasingly focusing on data theft and extortion as the centerpiece of their attacks, and making eye-popping demands in the process. Given how aggressively ransomware has evolved, and on an international scale, they’ll have their hands more than full.
A ransomware gang made $260,000 in 5 days using the 7zip utility
www.bleepingcomputer.com/news/security/a-ransomware-gang-made-260-000-in-5-days-using-the-7zip-utility/ Starting on Monday, QNAP NAS users from all over the world suddenly found their files encrypted after a ransomware operation called Qlocker exploited vulnerabilities on their devices. Using such a simple approach allowed them to encrypt over a thousand, if not thousands, of devices in just five days using a time-tested encryption algorithm built into the 7zip archive utility.
Post-Intrusion Ransomware Incident Response
www.secureworks.com/blog/post-intrusion-ransomware-attack-incident-response Ransomware crippled your software deployment tools, now what?
Cybersecurity Tensions Rise During President Biden’s First 100 Days
www.forbes.com/sites/tonybradley/2021/04/24/cybersecurity-tensions-rise-during-president-bidens-first-100-days/ Cyber threats are a fact of life for nations and companies around the world. In March, a panel of experts got together for a virtual roundtable titled “Restoring National Cybersecurity: A Look into the First 100 Days of the New Administration” to discuss the challenges we face and offer guidance for how to address them effectively. The agenda of the discussion was to develop an action plan that might help guide the Biden Administration as it strives to respond to these types of attacks and strengthen the cybersecurity posture of the nation in general to prevent similar attacks in the future.
New cryptomining malware builds an army of Windows, Linux bots
www.bleepingcomputer.com/news/security/new-cryptomining-malware-builds-an-army-of-windows-linux-bots/ A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero (XMRig) miner and self-spreader malware payloads. The attackers “are targeting cloud workloads through remote code injection/remote code execution vulnerabilities in PHPUnit, Apache Solr, Confluence, Laravel, JBoss, Jira, Sonatype, Oracle WebLogic and Apache Struts to gain initial access,” Lacework found. “Lateral movement is conducted via SSH keys available on the victim machine and hosts identified from bash history files, ssh config files, and known_hosts files,” Lacework added.
Oscar-Bait, Literally: Hackers Abuse Nominated Films for Phishing, Malware
threatpost.com/oscar-bait-hackers-nominated-phishing-malware/165583/ Anticipation surrounding the upcoming 93rd Academy Awards broadcast on Sunday is being used by scammers to trick people into giving up their credentials: they think they’re about to stream Oscar-nominated films, but the reality turns out to be much different.
Base64 Hashes Used in Web Scanning
A Watchful Eye as an Export Product
www.hs.fi/ulkomaat/art-2000007938713.html Artificial intelligence monitors every step of the Uyghurs of Xinjiang. Digital dictatorship is a Chinese export product that may be a threat to democracies. SMILE, you're on hidden camera! In fact, we already know who you are and what you did last summer! [FOR SUBSCRIBERS]