ransomware news

Cybersecurity Daily News for July 25, 2021

Kaseya asking clients to sign NDA before given decryption keys; Guntrader urges UK gun owners to be vigilant after data breach; and cyber attacks disrupt South African shipping port.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Headlines


Kaseya Is Making Its Customers Sign Non-Disclosure Agreements to Obtain Ransomware Decryption Key – gizmodo.com
Health insurance provider for UVic international students suffers security breach – martlet.ca
UK gun owners urged to be ‘vigilant’ after Guntrader data breach – itpro.co.uk
Cyber Attack Disrupts Container Operations at Major South African Port – insurancejournal.com

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 24, 2021

Florida’s Department of Economic opportunity exposes more than 57,000 records in data breach of unemployment data; Data of participants and volunteers of the 2020 Tokyo Olympics exposed in data breach; and security researchers identify multiple encryption flaws in Telegram messaging service.

Headlines


The FBI Is Locating Cars By Spying On Their WiFi – forbes.com
Possible ‘white hat hacker’ exploits THORChain for $8M, proposes 10% bounty – cointelegraph.com
Emma Willard School hit by ransomware attack – timesunion.com
More than 57,000 unemployment accounts targeted in DEO data breach – msn.com
UPMC Finalizes $2.65 Million Settlement For 2014 Employee Data Breach – news.yahoo.com
Your Information May Have Been Compromised in Yale New Haven Health’s Data Breach – msn.com
Mobile County Commission notifies employees of data breach – wkrg.com
Tokyo 2020 reportedly suffers ticket-related data breach – insidethegames.biz
Multiple encryption flaws uncovered in Telegram messaging protocol – portswigger.net

What You Should Know

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 23, 2021

Kaseya obtains decryptor from a ‘trusted third-party’ and begins recovery of customer data; Energy Department and National Nuclear Security Admin find evidence of threat actors on Department of Energy networks; Atlassian advising is customers to upgrade Jira Data Center products due to remote code executable vulnerability.

Trending Headlines

Kaseya obtains REvil decryptor, starts customer data recovery operations – therecord.media
Hackers reportedly demand $50m from Saudi Aramco over data leak – bbc.com
An Explosive Spyware Report Shows the Limits of iOS Security – wired.com
Chinese state hackers breached over a dozen US pipeline operators – bleepingcomputer.com
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world – zdnet.com
Nuclear weapons agency breached amid massive cyber onslaught – politico.com
APT Hackers Distributed Android Trojan via Syrian e-Government Portal – thehackernews.com
Critical Jira Flaw in Atlassian Could Lead to RCE – threatpost.com
CISA warns of stealthy malware found on hacked Pulse Secure devices – bleepingcomputer.com

What You Should Know

CVE-2020-36239
CVE-2019-11510 – Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4
CVE-2018-13379 – Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7.
CVE-2019-1579 – PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier.
CVE-2019-19781 – Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0.
CVE-2020-8260 – Pulse Connect Secure < 9.1R9.
CVE-2020-8243 – Pulse Connect Secure < 9.1R8.2

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 22, 2021

Trending Headlines

HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11

What You Should Know: CVE-2021-36934 is a remote code execution vulnerability for Windows 10 and 11 that exists due to overly permissive ACLs on multiple system files, including the Security Accounts Manager (SAM) database. Restricting access to \system32\config\* is recommend by Microsoft, as well as deleting any restore points or shadows copies that existed prior to restricting access to the above folder. Deleting shadow copies may trigger unintended events in your SIEM.

CVE-2021-36934 – msrc.microsoft.com

Home and office routers come under attack by China state hackers, France warns

What You Should Know: APT31 has been identified by France officials as targeting home and business routers for the purpose of using them to further obfuscate their activities. CERT-FR has provided and updated list of IOCs available in both CSV and JSON format.

CERTFR-2021-IOC-003 CSV Format
CERTFR-2021-IOC-003 JSON Format

Joker malware returns to target millions more Android devices

What You Should Know: Joker malware has been causing trouble for Android users for the last several years and is once again finding its way into apps on the official Google Play store. Joker is alleged to steal SMS messages, contacts, device information, and any other data in which attackers can use to continue to proliferate their malware attacks.

Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)

What You Should Know: The Qualys Research Team has identified a privilege escalation vulnerability in the Linux filesystem layer that could allow a threat actor to gain root privileges. A proof-of-concept has already been developed and tested on Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation.

CVE-2021-33909
CVE-2021-33910

Hackers co-opt Microsoft’s anti-phishing feature for phishing attacks

What You Should Know: Threat actors are using customized login pages for Microsoft 365 to trick users. Using publicly available tools, threat actors are convincingly able to replicate Microsoft 365’s login page which can trick unsuspecting users into logging in to phishing sites. Users should be given standard login URLs and should not deviate from normal account security standards.

Hundreds of millions of HP, Xerox, and Samsung printers vulnerable to new bug

What You Should Know: Code in a printer driver that has existed since 2005 is now being used to compromise hundreds of printers from HP, Xerox, and Samsung printers. CVE-2021-3438 is described as a buffer overflow bug with “SSPORT.SYS” that could allow an attacker to run malicious code as an elevated ADMIN-level user.

CVE-2021-3438

Several New Critical Flaws Affect CODESYS Industrial Automation Software

What You Should Know: Multiple vulnerabilities have been found in automation software, CODYSYS. A total of 7 vulnerabilities were reported ranging from CVSS scores of 7.5 to 10.0 and are listed below. The vulnerabilities found could results in a denial-of-service attack, or allow the privilege escalation execution of malicious Javascript.

CVE-2021-29238
CVE-2021-29240
CVE-2021-29241
CVE-2021-34569
CVE-2021-34566
CVE-2021-34567
CVE-2021-34568

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 21, 2021

Trending Headlines

XLoader Windows InfoStealer Malware Now Upgraded to Attack macOS Systems

Popular Windows malware, XLoader, has been modified to target MacOS systems, according to a recent report by Checkpoint. XLoader is the successor to Formbook and is known to steal credentials, collect screenshots, log keystrokes and even download files. XLoader is known for it’s Malware-as-a-service (MaaS) model that allows for less sophisticated threat actors to use it successfully.

US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach

Law firm, Campbell Conroy & O’Neil, informs it’s clients of data breach 5 months after it was exposed in the wide-ranging attack on IT firm, Kaseya. Information includes names, phone numbers, driver’s licenses, and even SSNs. The organisation has not determined what data, or who’s data was accessed.

Saudi Aramco ‘Data Breach’ not a ransomware attack: ZeroX group used 0Day exploit on third-party servers to grab 1TB data now available on Dark Web

Saudi Aramco claims that recent data breach was not due to a ransomware attack, but instead scraped from a third-party contractor. APT group ZeroX has taken responsibility and claimed that they gained access the company’s networks and servers.

Over 68K Advocate Aurora Patients Impacted by Elekta Health Data Breach

Advocate Aurora Health, a healthcare organisation that provides access to physicians and medical professionals, has notified over 68,000 patients in Illinois of possible data exposure arising from the Elektra health data breach. Over 170 healthcare organisations were impacted by the April, 2021 attacks targeting Elektra.

Update now: TIBCO Data Virtualization software vulnerable to RCE via third-party flaws, claims researcher

Flaws in olders versions of BlazeDS and Java BeanShell libraries have allowed security researcher, Pedro Ribeiro, to find a remote code execution (RCE) on versions 8.3 and 8.4 of the TIBCO Data Visualization software. Pedro provides an excellent write-up over on Github.

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 20, 2021

The latest headlines brought to you Tuesday, Jul 20th, 2021, include; Oil giant, Saudi Aramco, hit by 1TB data breach; IT provider Cloudstar downed by ransomware attack; and numerous nations finally speaking out about China’s cyber activities.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Trending Headlines

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 19, 2021

The latest headlines brought to you Monday, July 19th, 2021, include; Fortune 500 U.S. law-firm exposes client information during February data breach; Israeli created spyware, Pegasus; Morgan Stanley identifies root cause of data breach, Accellion FTA hack.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Trending Headlines

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 18, 2021

The latest headlines brought to you Sunday, July 18th, 2021, include; Ecuador’s state run telco suffers ransomware attack; HelloKitty ransomware targeting ESXi and SonicWall devices; and more than 75k customers were affected during CNA ransomware attack, new information finds.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Trending Headlines

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 16, 2021

The latest headlines brought to you Friday, July 16th, 2021, include; CISA orders government agencies disable Microsoft Print Spooler in response to ‘PrintNightmare’; Hackney, London still struggling with recovery months after ransomware attack; and Russian defence ministry website taken down by DDOS attack.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Trending Headlines

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up

Cybersecurity Daily News for July 15, 2021

The latest headlines brought to you Thursday, July 15th, 2021, include; Joker mobile trojan back on Google Play; Google identifies three different 0-days being used against Armenian targets; and A South Carolina dermatology clinic hit with ‘Cuba’ ransomware, 2.4 million users affected.

#cybersecuritynews #infosecnews #ransomware #databreach #cyberattack

Trending Headlines

Cybersecurity Daily News is a curated list of relevant Cybersecurity and Information Security news from around the globe.

Brought to you by


Cybersecurity Daily News is a curated list of daily data breach, ransomware, and other cybersecurity related news articles produced by Rogue Security Intelligence Services from sources all over the world. Sign-up below to receive daily news directly to your inbox.

Daily Intelligence Email Sign-up