Poly Network, a decentralized finance (DeFi) platform, has revealed that this week it fell victim to a massive cryptocurrency hack that led to the organization losing allegedly over $611 million. The attack on Poly Network, a protocol allowing users to swap cryptocurrency (including bitcoin) across different blockchains, is believed to be one of the largest…
Endpoint Security , Fraud Management & Cybercrime , Ransomware But the Key Appears to Only Unlock Files Encrypted in the Kaseya Attack Jeremy Kirk (jeremy_kirk) • August 11, 2021 Someone posted a link to this image that contains a decryption key for files encrypted in the Kaseya attack. There’s yet another twist in…
Application Security , Cybercrime , Fraud Management & Cybercrime Intel, Adobe Roll Out Security Fixes Doug Olenick (DougOlenick) • August 11, 2021 Microsoft’s Patch Tuesday rollout addressed two additional security issues within Windows Print Spooler, including one zero day, the company reported. See Also: Live Panel | How Organizations Should Think About Zero…
Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks | IT Security News 9. August 2021 This article has been indexed from Security Affairs The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in…
Description: Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at: https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Aug Reports indicated that an elevation of privilege vulnerability in Microsoft Windows 10 and some versions of Windows Server (CVE-2021-36948) is being actively exploited and multiple vulnerabilities in Microsoft Windows…
eCh0raix Ransomware Variant Targets QNAP, Synology NAS Devices
A new Android Trojan codenamed FlyTrap has hit at least 140 countries since March 2021 and has spread to over 10,000 victims through social media hijacking, third-party app stores, and sideloaded applications. Zimperium’s zLabs mobile threat research teams recently found several previously undetected applications using Zimperium’s z9 malware engine and on-device detection. Following their forensic…
A new criminal carding marketplace promoted itself by leaking data for one million credit cards that have been stolen between 2018 and 2019. Carding can be defined as the trafficking and use of stolen credit cards. Credit cards usually get stolen through point-of-sale malware, magecart attacks on websites, and by using information-stealing trojans. The credit cards are sold…
Fraud Management & Cybercrime , Governance & Risk Management , Patch Management Pondurance: Ransomware Group Used Backdoors That Persist Prajeet Nair (@prajeetspeaks) • August 10, 2021 Some patched on-premises Microsoft Exchange email servers are still proving to be vulnerable. The Conti ransomware group is now leveraging backdoors that persist, cybersecurity consulting firm Pondurance…
Governance & Risk Management , IT Risk Management , Next-Generation Technologies & Secure Development Updated Security Approach Designed to Mitigate Ransomware, Nation-State Attack Risks Scott Ferguson (Ferguson_Writes) • August 10, 2021 Ron Ross, NIST Fellow and one of the co-authors of an updated guide to cyber resiliency As ransomware and nation-state attacks have…
