Malware

07 Feb

GoAnywhere MFT Zero-Day Exploit Proof-of-Concept Released

Attacks, Malware

Any users of GoAnywhere MFT should assume compromise, and remove public-facing internet access to the tool and rotate the master encryption key and any passwords used for access. The security bulletin released by the developer includes a stacktrace that administrators can look for in the logs to determine if the exploit was uses against the system. Additionally, administrators should deploy the security patch as soon as change management allows. Companies should endeavor to always bring…

Read More
07 Feb

Clop Ransomware Targeting Linux Systems

Attacks, Malware

Ransomware groups are always working to find new targets and develop new strains of ransomware that will increase their target lists and maximize their profits. With lots of companies moving to cloud-based computing, most of it being run on Linux, this shift from Clop is not unexpected. A number of ransomware operations are now targeting vulnerable VMWare ESXi servers, thousands of which have recently transitioned to end-of-life status and are no longer receiving official security…

Read More
07 Feb

What CISOs need to know about the renewal of FISA Section 702

Data Breaches, Malware, Social Engineering

In our hyperconnected world, multinational organizations operate within and across multiple nation-states. Those who do business within the United States will want to keep their eye on the status of Section 702 of the Foreign Intelligence Surveillance Act (FISA), which sets out procedures for physical and electronic surveillance and collection of foreign intelligence. Section 702 specifically addresses how the US government can conduct targeted surveillance of foreign persons located outside the US, with the compelled…

Read More
07 Feb

MKS Instruments falls victim to ransomware attack

Data Breaches, Malware, Social Engineering

Semiconductor equipment maker MKS Instruments is investigating a ransomware event that occurred on February 3 and impacted its production-related systems, the company said in a filing with the US Security and Exchange Commission. MKS Instruments is an Andover, Massachusetts-based provider of subsystems for semiconductor manufacturing, wafer level packaging, package substrate and printed circuit boards. An email sent to MKS Instruments seeking more information about the attack remained unanswered, while the company’s website continued to be inaccessible at the time…

Read More
06 Feb

Massive ransomware attack targets VMware ESXi servers worldwide

Data Breaches, Malware, Social Engineering

A global ransomware attack has targeted thousands of servers running the VMware ESxi hypervisor, with many more servers expected to be affected, according to national cybersecurity agencies and security experts around the world. The Computer Emergency Response Team of France (CERT-FR) was the first to notice and send an alert about the attack. “On February 3, CERT-FR became aware of attack campaigns targeting VMware ESXi hypervisors with the aim of deploying ransomware on them,” CERT-FR wrote. …

Read More
06 Feb

GoodRx Will Settle Claim It Shared Sensitive Health Data with Advertisers

Attacks, Malware

Threat actors can leverage stolen medical records to impersonate legitimate patients to commit various forms of fraud, including submitting fraudulent claims to health insurers without authorization. This could not only affect healthcare coverage, but also compromise safety if there is misinformation on file that is needed for medical treatment. Anyone who may have been a victim of a medical data breach should get confirmation from their provider to find out exactly what information was stolen.…

Read More
06 Feb

Iranian Nation-State Group Behind Charlie Hebdo Breach, Microsoft Says

Attacks, Malware

Releasing the entire cache of stolen information might result in massive doxing, Redmond further warned. “After Holy Souls posted the sample data on YouTube and multiple hacker forums, the leak was amplified by a concerted operation across several social media platforms. This amplification effort made use of a particular set of influence Tactics, Techniques, and Procedures (TTPs) DTAC has witnessed before in Iranian hack-and-leak influence operations,” stated the Windows maker’s Digital Threat Analysis Center (DTAC).…

Read More
06 Feb

Indian Freight Company Exposing Data on Misconfigured Server

Attacks, Malware

Some recommendations to consider when attempting to protect sensitive data in a cloud infrastructure include: • Secure access to the cloud.• Manage user access privileges.• Provide visibility with employee monitoring.• Monitor privileged users.• Educate employees against phishing.• Ensure you meet IT compliance requirements.• Efficiently respond to security incidents. India’s Largest Truck Brokerage Company Leaking 140GB of Data

Read More
06 Feb

Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition

Data Breaches, Malware, Social Engineering

Cyber insurance firm Coalition has predicted that there will be 1,900 average monthly critical Common Vulnerabilities and Exposures (CVEs) in 2023, a 13% increase over 2022. The predictions are a part of the company’s Cyber Threat Index, which was compiled using data gathered by the company’s active risk management and reduction technology, combining data from underwriting and claims, internet scans, its global network of honeypot sensors, and scanning over 5.2 billion IP addresses. The 1,900 CVEs…

Read More
06 Feb

OPSWAT mobile hardware offers infrastructure security for the air gap

Data Breaches, Malware, Social Engineering

Infrastructure protection vendor OPSWAT has announced the availability of its new MetaDefender Kiosk K2100 hardware, designed to provide a mobile option for users who want the company’s media-scanning capabilities to work in the field. OPSWAT’s MetaDefender line of kiosks is designed to address a potential security weakness for critical infrastructure defended by air gaps. In order to patch those systems, audit them, or move data among them, removable media like SD cards, USB sticks and…

Read More