Hackers Breach iOS 15, Windows 10, Google Chrome During Massive Cyber Security Onslaught
www.forbes.com/sites/daveywinder/2021/10/30/hackers-breach-ios-15-windows-10-google-chrome-during-massive-cyber-security-onslaught/ During the weekend of 16-17 October, Chinese hackers went on something of a rampage that saw all but three of the 15 target products breached during the exploit onslaught that was the Tianfu Cup. This annual competition, held in the Sichuan province of Chengdu, has been the go-to for China’s elite hackers since they were banned from participating in similar competitive hacking events outside of the country.
APTs, Teleworking, and Advanced VPN Exploits: The Perfect Storm
www.darkreading.com/threat-intelligence/apts-teleworking-and-advanced-vpn-exploits-the-perfect-storm A Mandiant researcher shares the details of an investigation into the misuse of Pulse Secure VPN devices by suspected state-sponsored threat actors.
Security News This Week: The SolarWinds Hackers Are Looking for Their Next Big Score
www.wired.com/story/solarwinds-hackers-iran-gas-station-hack-ransomware-security-news/ Plus: Gas station hacks in Iran, ransomware arrests in Europe, and more of the week’s top security news.
Remote Desktop Protocol (RDP) Discovery
isc.sans.edu/forums/diary/Remote+Desktop+Protocol+RDP+Discovery/27984/ I have noticed a surge in probes against the RDP service in the past 2 weeks. In August, a remote code execution (RCE) critical patch was released to fix an exploit related to CVE-2021-34535, which includes a POC to exploit this vulnerability. This vulnerability is also affecting Microsoft Hyper-V Manager “Enhanced Session Mode” and Microsoft Defender’s Application Guard (WDAG).
Chaos ransomware targets gamers via fake Minecraft alt lists
www.bleepingcomputer.com/news/security/chaos-ransomware-targets-gamers-via-fake-minecraft-alt-lists/ The Chaos Ransomware gang encrypts gamers’ Windows devices through fake Minecraft alt lists promoted on gaming forums.
TA575 criminal group using ‘Squid Game’ lures for Dridex malware
www.zdnet.com/article/ta575-criminal-group-using-squid-game-lures-for-dridex-malware/ The emails come with subject lines saying things like “Squid Game is back, watch new season before anyone else,” or pretend to offer victims a spot in the cast of the show’s second season.
Ransomware Has Disrupted Almost 1,000 Schools in the US This Year
www.vice.com/en/article/4awyvp/ransomware-has-disrupted-almost-1000-schools-in-the-us-this-year There have been more than 70 ransomware attacks affecting around 1,000 U.S. schools this year, and it may get worse before it gets better.
This week is busier than normal for a week that does not include 2nd Tuesday, so we are going with a two-part listing. For Part 1 we have ten vendor disclosures from B&R Automation (3), PEPPERL+FUCHS, MB Connect, CODESYS (4), and Dell.