Daily NCSC-FI news followup 2021-07-04

Kaseya zero-day involved in ransomware attack, patches coming

therecord.media/kaseya-zero-day-involved-in-ransomware-attack-patches-coming/ Remote management software vendor Kaseya said it identified and is currently mitigating a vulnerability that was abused in a recent incident that saw ransomware deployed on the networks of thousands of companies worldwide. Lisäksi:

www.reuters.com/technology/cyber-attack-against-us-it-provider-forces-swedish-chain-close-800-stores-2021-07-03/

Kaseya was fixing zero-day just as REvil ransomware sprung their attack

www.bleepingcomputer.com/news/security/kaseya-was-fixing-zero-day-just-as-revil-ransomware-sprung-their-attack/ The vulnerability had been previously disclosed to Kaseya by security researchers from the Dutch Institute for Vulnerability Disclosure (DIVD), and Kaseya was validating the patch before they rolled it out to customers.

Windows Update bug blocks Azure Virtual Desktops security updates

www.bleepingcomputer.com/news/microsoft/windows-update-bug-blocks-azure-virtual-desktops-security-updates/ Microsoft is working to fix a known issue blocking Azure Virtual Desktops devices from downloading downloading and installing recent security updates via Windows Server Update Services (WSUS).

TrickBot: New attacks see the botnet deploy new banking module, new ransomware

therecord.media/trickbot-new-attacks-see-the-botnet-deploy-new-banking-module-new-ransomware/ Over the course of the past few weeks, new activity has been observed from TrickBot, one of today’s largest malware botnets, with reports that its operators have helped create a new ransomware strain called Diavol and that the TrickBot gang is returning to its roots as a banking trojan with a new and updated banking module.

Mysterious Node.js malware puzzles security researchers

therecord.media/mysterious-node-js-malware-puzzles-security-researchers/ Almost four months after it was first spotted in the wild, the infosec community is still scratching its head in regards to the purpose of a new malware strain named Lu0bot.

Detection and Mitigation Advice for PrintNightmare

www.lares.com/blog/detection-and-mitigation-advice-for-printnightmare/ PrintNightmare(CVE-2021-34527) was released as a proof of concept this week on Github. This post highlights how the exploit PoCs released on Github work and how the specific vulnerability can be fixed and detected. The vulnerability itself was found and published by Zhipeng Huo (@R3dF09), Piotr Madej, and Yunhai Zhang

You might be interested in …

Daily NCSC-FI news followup 2021-03-09

Dangerous Malware Dropper Found in 9 Utility Apps on Googles Play Store blog.checkpoint.com/2021/03/09/dangerous-malware-dropper-found-in-9-utility-apps-on-googles-play-store/ Check Point Research (CPR) recently discovered a new dropper spreading via the Google Play store. The dropper, dubbed Clast82, has the ability to avoid detection by Google Play Protect, complete the evaluation period successfully, and change the payload dropped from a non-malicious […]

Read More

Daily NCSC-FI news followup 2020-07-03

New Apple macOS Big Sur feature to hamper adware operations www.zdnet.com/article/new-apple-macos-big-sur-feature-to-hamper-adware-operations/#ftag=RSSbaffb68 Apple has disabled the ability to silently install macOS profiles from the CLI in macOS 11, a measure that was widely employed by adware and malware gangs. Windows 10: Microsoft Defender ATP now rates your security configurations www.zdnet.com/article/windows-10-microsoft-defender-atp-now-rates-your-security-configurations/#ftag=RSSbaffb68 New Microsoft Defender ATP service will […]

Read More

Daily NCSC-FI news followup 2021-03-06

Chinas RedEcho accused of targeting Indias power grids blog.malwarebytes.com/vital-infrastructure/2021/03/chinas-redecho-accused-of-targeting-indias-power-grids/ RedEcho, an advanced persistent threat (APT) group from China, has attempted to infiltrate the systems behind Indias power grids, according to a threat analysis report from Recorded Future [PDF].. It appears that what triggered this attempt to gain a foothold in Indias critical power generation and […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.