iOS 14.7.1: Apple Issues Urgent iPhone Update With Important Security Fixes
www.forbes.com/sites/kateoflahertyuk/2021/07/26/ios-1471-apple-issues-urgent-iphone-update-with-important-security-fixes/ It's only been a week since Apple released iOS 14.7, which itself included critical security fixes, but did not address a vulnerability in iMessage that adversaries could have been taking advantage of to attack iPhones with the Pegasus spyware.
Researchers warn of unpatched Kaseya Unitrend backup vulnerabilities
www.bleepingcomputer.com/news/security/researchers-warn-of-unpatched-kaseya-unitrend-backup-vulnerabilities/ Last week, the Dutch Institute for Vulnerability Disclosure (DIVD) issued a TLP:AMBER advisory about three unpatched vulnerabilities in the Kaseya Unitrends backup product. While DIVD released this advisory under the TLP:AMBER designation, DIVD Chairman Victor Gevers told BleepingComputer that it was originally shared with 68 government CERTs under a coordinated disclosure. However, one of the recipients uploaded it to an online analyzing platform, where it became public to those with access to the service.
PlugwalkJoe Does the Perp Walk
krebsonsecurity.com/2021/07/plugwalkjoe-does-the-perp-walk/ [News coverage on the arrest of Joseph "PlugwalkJoe" O'Connor] overlooks sinister criminal charges in the indictment, which involve an underground scene wherein young men turn to extortion, sextortion, SIM swapping, death threats and physical attacks all in a frenzied effort to seize control over social media accounts. According to the indictment, a week after the Twitter hack a man identifying himself as O'Connor called federal investigators in Northern California. Specifically, the call went to the REACT Task Force. REACT is a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that is focused on catching criminal SIM swappers, and by this point REACT already had plenty of audio from phone calls traced back to O'Connor in which he allegedly participated in a SIM swapping or swatting attack.
No More Ransom saves almost 1 billion in ransomware payments in 5 years
www.bleepingcomputer.com/news/security/no-more-ransom-saves-almost-1-billion-in-ransomware-payments-in-5-years/ The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost 1 billion in ransomware payments.
2021 RANSOMWARE IMPACT REPORT
www.keeper.io/hubfs/2021_Ransomware_Impact_Report/2021_Ransomware_Impact_Report.pdf But what happens within an organization post-attack? How are internal processes affected? What's the impact on employee efficiency and productivity? To find out, Keeper surveyed 2,000 employees across the U.S. whose employers had suffered a ransomware attack in the previous 12 months. 49% of respondents told Keeper that their employers paid the ransom. However, this money didn't fall out of the sky: 93% reported that their employers tightened budgets in other areas following the ransom payment. 26% of respondents reported that their employers disclosed the attack only to partners and customers (not the general public), while 15% didn't tell anyone. This indicates that ransomware attacks are likely far more pervasive than anyone realizes.
Disrupting Ransomware by Disrupting Bitcoin
www.schneier.com/blog/archives/2021/07/disrupting-ransomware-by-disrupting-bitcoin.html We suggest an easier alternative: merely disrupt the cryptocurrency markets. Making them harder to use will have the effect of making them less useful as a ransomware payment vehicle, and not just because victims will have more difficulty figuring out how to pay. The reason requires understanding how criminals collect their profits.
Q2 Ransom Payment Amounts Decline as Ransomware becomes a National Security Priority
www.coveware.com/blog/2021/7/23/q2-ransom-payment-amounts-decline-as-ransomware-becomes-a-national-security-priority The average ransom payment declined to $136,576 while the median fell to $47,008, levels not seen since the beginning of 2021. The decrease was primarily driven by a growing number of disparate Ransomware-as-a-Service brands that have proliferated recently, and which have diluted the concentration of attacks controlled by just a few. [Interesting chart on the various degrees of state responsibility for cyber attacks: https://images.squarespace-cdn.com/content/v1/5ab16578e2ccd10898976178/1627049256926-84KBU1XKAFQ6HWRKRW0U/State+responsibility.png]
Estonian Citizen Pleads Guilty to Computer Fraud and Abuse
www.justice.gov/usao-ak/pr/estonian-citizen-pleads-guilty-computer-fraud-and-abuse According to court documents, Pavel Tsurkan, 33, operated a criminal proxy botnet by remotely accessing and compromising more than 1,000 computer devices and internet routers worldwide, including at least 60 victims in Alaska. He used the victims' devices to build and operate an Internet of Things (IoT)-based botnet dubbed the "Russian2015" using the domain Russian2015.ru. Also
Clubhouse denies data breach, experts debunk claims of leaked phone numbers
techzimo.com/clubhouse-denies-data-breach-experts-debunk-claims-of-leaked-phone-numbers/ On July 23, a hacker group claimed that they have got access to over 3.8 billion phone numbers from Clubhouse servers. The claim posted on a hackers forum alleging the leak states that the list of numbers contains cellphone, fixed, private, and professional numbers. The information about the claim was shared on Twitter by Jiten Jain, Director, Voyager Infosec. The social audio app has now denied the leak and after examining the claims, several security experts have also said that these are false allegations against the company.
Even after Emotet takedown, Office docs deliver 43% of all malware downloads now
www.zdnet.com/article/even-after-emotet-takedown-office-docs-deliver-43-of-all-malware-downloads-now/ Malware delivered over the cloud increased by 68% in Q2, according to data from cybersecurity firm Netskope. Report at
Meet Package Hunter: A tool for detecting malicious code in your dependencies
about.gitlab.com/blog/2021/07/23/announcing-package-hunter/ Package Hunter is a tool to analyze a program’s dependencies for malicious code and other unexpected behavior by installing the dependencies in a sandbox environment and monitoring system calls executed during the installation. Any suspicious system calls are reported to the user for further examination. It currently supports testing NodeJS modules and Ruby Gems.