Colonial Restarts Operations Following Ransomware Attack

Critical Infrastructure Security, Cybercrime, Cybercrime as-a-service
Company Says It Will Take Several Days for Supply Chain to Return to Normal
Scott Ferguson (Ferguson_Writes) • May 12, 2021
Colonial Pipeline Co. announced Wednesday that the company had restarted its operations following a ransomware attack last Friday that had forced the…

Colonial Pipeline Attack: ‘All Monsters Are Human’

Critical Infrastructure Security, Cybercrime as-a-service, Cyberwarfare / Nation-State Attacks
Cybereason’s Sam Curry on DarkSide and New Breed of Ransomware Attack
Tom Field (SecurityEditor) • May 12, 2021
Sam Curry, CSO, Cybereason
In April, Cybereason published a blog describing its research into the DarkSide ransomware strain that infected…

APT Group Using Backdoor for Espionage

Cybercrime, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime
Kaspersky Describes ‘Operation TunnelSnake’ That Appears to Have China Connection
Prajeet Nair (@prajeetspeaks) • May 12, 2021
Architecture of the Moriya rootkit (Source: Kaspersky)
An ongoing advanced persistent threat campaign dubbed “Operation TunnelSnake” has been using a Windows rootkit named Moriya to…

CVE-2020-23575 – Alert Detail – Security Database

Executive Summary
Information
Name: CVE-2020-23575
First vendor Publication: 2021-05-10
Vendor: Cve
Last vendor Modification: 2021-05-11

Security-Database Scoring CVSS v3
Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA

Security-Database Scoring CVSS v2
Cvss…

CISA Awaits Technical Details on Colonial Pipeline Attack

Business Continuity Management / Disaster Recovery, Fraud Management & Cybercrime, Governance & Risk Management
Acting CISA Director Tells Lawmakers FBI, Not Company, Alerted Agency
Scott Ferguson (Ferguson_Writes) • May 11, 2021
Acting CISA Director Brandon Wales testifying before the Senate Homeland Security and Governmental Affairs Committee
The Cybersecurity and Infrastructure Security…

Microsoft Fixes Exchange Server Zero-Day in May Patch Tuesday

Microsoft fixed 55 vulnerabilities yesterday including three zero-days not thought to have been exploited in the wild, one of which affected the under-fire Exchange Server. This month’s Patch Tuesday is lighter than many have been in recent months, but there were four critical CVEs for admins to address, alongside the three publicly disclosed bugs. Top…

Ransom group DarkSide linked to Colonial Pipeline

Ransom software works by encrypting victims’ data; typically hackers will offer the victim a key in return for cryptocurrency payments that can run into the hundreds of thousands or even millions of dollars. If the victim resists, hackers are increasingly threatening to leak confidential data in a bid to pile on the pressure. DarkSide’s…

DarkSide’s Pipeline Ransomware Hit: Strictly Business?

Cybercrime, Fraud Management & Cybercrime, Fraud Risk Management
Affiliate-Driven Ransomware-as-a-Service Operations Keep Generating Big Profits
Mathew J. Schwartz (euroinfosec) • May 11, 2021
Statements posted to DarkSide’s data leak site
“It’s not personal, Sonny. It’s strictly business.” That immortal…