CVE-2021-37708
CVE-2021-37708
The Conti ransomware gang failed to encrypt the systems of Ireland’s Department of Health (DoH) despite breaching its network and dropping Cobalt Strike beacons to deploy their malware across the network. On the same day, Conti operators breached the network of Ireland’s Health Service Executive (HSE), the country’s publicly funded healthcare system, and forced it to shut…
The US Department of Homeland Security (DHS) has announced new pipeline cybersecurity requirements after the largest fuel pipeline in the United States was forced to shut down operations in early May following a ransomware attack. The new security directive requires critical pipeline owners and operators to report any confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security…
Artificial Intelligence & Machine Learning , Governance & Risk Management , Next-Generation Technologies & Secure Development Agency Now Seeks Feedback to Help Address Governance Challenges Dan Gunderman (dangun127) • July 31, 2021 (Photo: Gerd Altmann/Pixabay) Citing a need to secure artificial intelligence technologies, the National Institute of Standards and Technology is working to…
New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t me. The Shadowserver Foundation, a nonprofit that helps network owners identify and fix security…
Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Commerce Department Says Organizations Are Aligned With Russian Intelligence Dan Gunderman (dangun127) • July 17, 2021 U.S. Department of Commerce (Source: Brandon Mowinkel/Unsplash) The Department of Commerce is restricting trade with four Russian information technology and cybersecurity firms, along with…
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management If Backups Unavailable, Victims Should Retain Encrypted Files in Case Decryptor Released Doug Olenick (DougOlenick) • July 16, 2021 REvil’s original post of the Kaseya attack on its darknet site Some ransomware gangs that have shut down…