CyberSecurity Updates

Novel ARCrypter Ransomware Expanding Operations Worldwide

As time goes on, more and more novel ransomware families are surfacing, each with a variety of their own tactics. While this is a new family of ransomware, the techniques used by this ransomware are relatively standard. Numerous detection capabilities around this ransomware exist, many of which are likely already employed by organizations. For one, many organizations already employ queries to detect the “.crypt” file extension. Other detection capabilities around this ransomware include monitoring value…


Iranian APT Breaches Sector of U.S. Government

As a general rule, whenever security patches are released for any vulnerability, the patch should be tested and implemented as soon as possible. With vulnerabilities such as Log4Shell, which presented a high risk due to the extensive use of on-prem and hybrid Exchange servers and the extensive exploitation in the wild, it is extremely important to get these patches pushed to all affected systems. Oftentimes, threat actors will prey on victims by using old…


Microsoft Fixes Windows Kerberos Auth Issues in Emergency Updates

Today, Microsoft has released OOB emergency updates that Windows admins must install on all Domain Controllers (DCs) in affected environments. “You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them,” Microsoft advised. The OOB updates released today are available…


India drafts new privacy bill for transfer of personal data internationally

The Indian federal government on Friday published a new draft of data privacy laws that would allow personal data transfer to other nations under certain conditions, and impose fines for breaches of data-transfer and data-collection regulations. The proposed legislation has been in the works for about four years. Up until now, the Reserve Bank of India has enacted regulations that make businesses keep transaction data within the country. The government, though, has not issued more…


Atlassian Patches Critical Vulnerabilities in Bitbucket, Crowd

Atlassian informed customers this week that it has patched critical vulnerabilities in its Crowd and Bitbucket products. In the Bitbucket source code repository hosting service, Atlassian fixed CVE-2022-43781, a critical command injection vulnerability that affects Bitbucket Server and Data Center version 7 and, in some cases, version 8. “There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue…


Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware

A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns. DEV-0569 has been relying on malicious ads (malvertising), blog comments, fake forum pages, and phishing links for the distribution of malware. Over the past few months, however, Microsoft noticed that the threat actor has started using contact forms to deliver phishing links, while choosing to host fake installers on legitimate-looking software…


Ukrainian Hacker Sought by US Arrested in Switzerland: Report

A Ukrainian hacker sought by US authorities for a decade was arrested last month in Switzerland, the specialist website Krebs on Security reported. Vyacheslav Igorevich Penchukov, 40, was arrested in the Swiss canton of Geneva on October 23 while visiting his wife, the site reported. Swiss authorities confirmed to the news website Watson the arrest of a Ukrainian national sought by US authorities who is refusing extradition, but did not identify the suspect by name.…


Noname Security releases Recon attack simulator

As breaches increase and companies scramble to go from a defensive to an offensive approach, API-focused Noname Security has launched Recon, which simulates an attacker performing reconnaissance on an organization’s domains. Recon works from a root-level domain to find other domains, shadow domains, sub-domains, APIs, vulnerabilities, and public issues that put the organization at risk, according to Noname. “Then we start looking at, both actively and passively looking at any API-related information pertaining to those…


Researchers Quietly Cracked Zeppelin Ransomware Keys

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. After two weeks of stalling their extortionists, Peter’s bosses were ready to capitulate and pay the ransom demand. Then came the unlikely call from an FBI…


Open banking: Tell me what you buy, and I’ll tell you who you are

The convenience with which you manage all your financial wants and needs may come at a cost. Since becoming more common in the mid-2010s, mobile banking apps have continued to grow in popularity and have ultimately become highly versatile tools for almost all things money-related. We use our phones to shop, pay for services, transfer our money, apply for personal loans or even take out insurance – all while staying on top of our spending.…
