From Wiper to Ransomware – The Evolution of Agrius
labs.sentinelone.com/from-wiper-to-ransomware-the-evolution-of-agrius/ Researchers say they’ve uncovered a new disk-wiping malware (wiper) that’s disguising itself as ransomware as it unleashes destructive attacks on Israeli targets. Full report as PDF:
assets.sentinelone.com/sentinellabs/evol-agrius
Evolution of JSWorm ransomware
securelist.com/evolution-of-jsworm-ransomware/102428/ JSWorm ransomware was discovered in 2019, and since then different variants have gained notoriety under various names such as Nemty, Nefilim, Offwhite and several others. The experts describe the evolution and technical details of the ransomware on the Securelist blog.
Audio maker Bose discloses data breach after ransomware attack
www.bleepingcomputer.com/news/security/audio-maker-bose-discloses-data-breach-after-ransomware-attack/ Bose systems were breached in March. Bose recovered and secured the systems with third-party cybersecurity experts. No ransom was paid.
Domino’s India discloses data breach after hackers sell data online
www.bleepingcomputer.com/news/security/dominos-india-discloses-data-breach-after-hackers-sell-data-online/ The data breach seems to have leaked employee and customer data, such as mobile numbers, names, email addresses, and GPS coordinates.
Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises
www.fireeye.com/blog/threat-research/2021/05/increasing-low-sophistication-operational-technology-compromises.html The researchers at Mandiant walk you through the low-sophistication compromises of OT environments seen in 2020.
Microsoft uses GPT-3 to let you code in natural language
techcrunch.com/2021/05/25/microsoft-uses-gpt-3-to-let-you-code-in-natural-language/ Microsoft is using OpenAI’s massive GPT-3 natural language model in its no-code/low-code Power Apps service to translate spoken text into code in its recently announced Power Fx language.
New hammering technique for DRAM Rowhammer bug
security.googleblog.com/2021/05/introducing-half-double-new-hammering.html Half-Double is a new Rowhammer technique that capitalizes on the worsening physics of some of the newer DRAM chips to alter the contents of memory.
Attacks on PDF Certification
web-in-security.blogspot.com/2021/05/attacks-on-pdf-certification.html The PDF specification also defines the certification of documents, also known as certification signatures. Researchers performed an extensive analysis of the security of PDF certification. In doing so, they developed the Evil Annotation Attack (EAA), as well as the Sneaky Signature Attack (SSA).
VMware warns of critical bug affecting all vCenter Server installs
www.bleepingcomputer.com/news/security/vmware-warns-of-critical-bug-affecting-all-vcenter-server-installs/ VMware urges customers to patch a critical remote code execution (RCE) vulnerability in the Virtual SAN Health Check plug-in that impacts all vCenter Server deployments.
Uncovering Shenanigans in an IP Address Block via Hurricane Electric’s BGP Toolkit
isc.sans.edu/diary/rss/27456 An InfoSec Handlers tip from Yee Ching Tok on using the excellent HE BGP Toolkit on networks to find malicious phishing sites.