Prime targets: Governments shouldn’t go it alone on cybersecurity
www.welivesecurity.com/2021/04/29/prime-targets-governments-shouldnt-go-it-alone-on-cybersecurity/ A year into the pandemic, ESET reveals new research into activities of the LuckyMouse APT group and considers how governments can rise to the cybersecurity challenges of the accelerated shift to digital
“BadAlloc” Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks
msrc-blog.microsoft.com/2021/04/29/badalloc-memory-allocation-vulnerabilities-could-affect-wide-range-of-iot-and-ot-devices-in-industrial-medical-and-enterprise-networks/ Microsoft’s Section 52, the Azure Defender for IoT security research group, recently uncovered a series of critical memory allocation vulnerabilities in IoT and OT devices that adversaries could exploit to bypass security controls in order to execute malicious code or cause a system crash. These remote code execution (RCE) vulnerabilities cover more than 25 CVEs and potentially affect a wide range of domains, from consumer and medical IoT to Industrial IoT, Operational Technology (OT), and industrial control systems.
PHP Supply Chain Attack on Composer
blog.sonarsource.com/php-supply-chain-attack-on-composer In the PHP ecosystem, Composer is the major tool to manage and install software dependencies. It is used by development teams world-wide to ease the update process and to ensure that applications work effortlessly across environments and versions. During our security research, we discovered a critical vulnerability in the source code of Composer which is used by Packagist. It allowed us to execute arbitrary system commands on the Packagist.org server. In this blog post, we introduce the detected code vulnerabilities and how these were patched.
QNAP finds evidence of AgeLocker ransomware activity in the wild
www.bleepingcomputer.com/news/security/qnap-finds-evidence-of-agelocker-ransomware-activity-in-the-wild/ QNAP customers are once again urged to secure their Network Attached Storage (NAS) devices following a massive Qlocker ransomware campaign earlier this month.
Ransomware gang leaks court and prisoner files from Illinois Attorney General Office
therecord.media/ransomware-gang-leaks-court-and-prisoner-files-from-illinois-attorney-general-office/ The operators of the DopplePaymer ransomware have leaked a large collection of files from the Illinois Office of the Attorney General after negotiations have broken down and officials refused to pay a ransom demand, The Record has learned.
New ransomware task force wants more support for victims who don’t pay
therecord.media/new-ransomware-task-force-wants-wants-more-support-for-victims-who-dont-pay/ A new government and industry coalition on Thursday put its weight behind a number of aggressive measures aimed at curbing ransomware, including financially supporting victims who refuse to pay attackers and making it easier to track cryptocurrency payments. The group has been working over the last four months on an 80-page report released today that highlights the growing threat of ransomware and proposes a long list of actions that would reverse the trend that cybersecurity experts have been observing in recent years.
Incident Response Life Cycle Phases for Effective IR
www.secureworks.com/blog/incident-response-life-cycle-phases-for-effective-ir Incident Response frameworks highlight the importance of preparation and improvement for improved response outcomes
The Business of Fraud: Deepfakes, Fraud’s Next Frontier
www.recordedfuture.com/deepfakes-frauds-next-frontier/ Threat actors have begun to use dark web sources to offer customized services and tutorials that incorporate visual and audio deepfake technologies designed to bypass and defeat security measures. Furthermore, threat actors are using these sources, as well as many clearnet sources such as forums and messengers, to share tools, best practices, and advancements in deepfake techniques and technologies. As reported by Insikt Group’s Criminal and Underground Team throughout 2020, threat actors are developing customized deepfake products. PDF report: go.recordedfuture.com/hubfs/reports/cta-2021-0429.pdf
Finnish researcher decided to test whether an attack on Apple's systems would succeed: well, it did
www.tivi.fi/uutiset/tv/8cce5350-ebf3-4cff-ba40-1f5fe9a9911b Aapo Oksman, a security specialist at the cybersecurity company Nixu, found a vulnerability in Apple's iOS operating system and in the operation of its App Store. The vulnerability was patched in the recently released iOS 14.5 and iPadOS 14.5 updates.
City fined for tracking its citizens via their phones
blog.malwarebytes.com/privacy-2/2021/04/city-fined-for-tracking-its-citizens-via-their-phones/ The Dutch information watchdog, the Autoriteit Persoonsgegevens (AP), has fined the city of Enschede €600,000 for tracking its citizens’ movements without permission. It is the first time that a Dutch government body has been fined by the AP. The investigation was set in motion after it received a complaint about tracking.