54BD 783A 27D2 85C1 C46D 5A02 3651 ADE3 E402 9FC2

Infosec bits for week 37/21

Renier van Heerden

2021-09-17 13:32

Ransomware
- Ransomware encrypts South Africa’s entire Dept of Justice network [Ionut Ilascu, Bleeping Computer]
- Free REvil ransomware master decrypter released for past victims [Lawrence Abrams, Bleeping Computer]
- Ransomware accounted for a quarter of all cyber insurance claims in Europe between 2016 and 2020 [Catalin Cimpanu, TheRecord]
- South Africa’s legal system on its knees after cyberattack [Jan Vermeulen, MyBroadband]
Hack
- New malware uses Windows Subsystem for Linux for stealthy attacks [Ionut Ilascu, Bleeping Computer]
- US fines former NSA employees who provided hacker-for-hire services to UAE [Catalin Cimpanu, TheRecord]
- New Go malware Capoae targets WordPress installs, Linux systems [Charlie Osborne, ZDNet]
- OWASP updates top 10 vulnerability ranking for first time since 2017 [Jonathan Greig, ZDNet]
Patch
- Update Chrome – major security flaws fixed [Myles Illidge, MyBroadband]
- Microsoft patches Office zero-day in today’s Patch Tuesday [Catalin Cimpanu, TheRecord]

Infosec bits for week 35/21

Schalk Peach

2021-09-03 11:48

Vulnerabilities
- Worst cloud vulnerability you can imagine’ discovered in Microsoft Azure [Jim Salter, Ars Technica]
- New BrakTooth Bluetooth vulnerabilities [Catalin Cimpanu, The Record]
- WhatsApp patches vulnerability related to image filter functionality [Jonathan Grieg, ZDNet]
Ransomware and Botnets
- Ransomware attacks on US schools and colleges cost $6.62bn in 2020 [Paul Bischoff, CompariTech]
- Mozi botnet authors arrested in China [Catalin Cimpanu, The Record]
- Phorpiex botnet shuts down, source code goes up for sale [Catalin Cimpanu, The Record]
General Tech
- Windows 11 will roll out from October 5 as Microsoft hypes new hardware [Tim Anderson, The Register]
Zero Trust
- Challenges organizations face when implementing zero trust architecture [Help Net Security]

Infosec bits for week 34/21

Kgwadi Matenche

2021-08-27 13:18

Security News:
- Microsoft Breaks Silence on Barrage of ProxyShell Attacks [Elizabeth Montalbano, Threatpost]
- Hackers Could Increase Medication Doses Through Infusion Pump Flaws [Lily Hay Newman, WIRED]
- Ragnarok ransomware releases master decryptor after shutdown [Ionut Ilascu, Bleeping Computer]
- Poly Network Recoups $610M Stolen from DeFi Platform [Becky Bracken, Threatpost]
- Biggest Linux security exploits revealed [Hanno Labuschagne, MyBroadband]
Email-Borne Threats:
- False Payment Promises Lead To Microsoft Credential Phish [Nathaniel Sagibanda, Cofense]
- Phishing campaign uses UPS.com XSS vuln to distribute malware [Lawrence Abrams, Bleeping Computer]
Vulnerabilities & Patches:
- F5 Releases Critical Security Patches for BIG-IP and BIG-IQ Devices [Ravie Lakshmanan, The Hacker News]
- VMware Patches High-Severity Vulnerabilities in vRealize Operations [Ionut Arghire, SecurityWeek]
- Cisco Security Advisories [Cisco]
- Atlassian warns of critical Confluence flaw [Simon Sharwood, The Register]
Others:
- Threat Modeling: Making the Right Moves [Doug Olenick, Bank Info Security]
- Ransomware gang’s script shows exactly the files they’re after [Lawrence Abrams, Bleeping Computer]
- Data breaches now cost SA firms 15% more per incident [ITWeb]
  - Cybercrime Losses Triple to £1.3bn in 1H 2021 [Phil Muncaster, Infosecurity Magazine]
- Nigerian Gang Asks for Insider Help to Plant Ransomware [Doug Olenick, Bank Info Security]