November 13, 2024 at 07:22PM Bitdefender has launched a free decryption tool for ShrinkLocker ransomware, leveraging a simple yet effective malware approach. The tool is now part of their collection of decryptors. Meanwhile, CISA’s ScubaGear software, designed to enhance Microsoft 365 security, has seen a surge in downloads due to rising cloud attack vulnerabilities. ### … Read more
November 13, 2024 at 09:46AM Bitdefender has launched a free decryptor for ShrinkLocker ransomware, allowing data recovery following an analysis of the malware’s operations. The ransomware uses BitLocker for encryption and exploits trusted relationships to infiltrate systems. Recommendations for organizations include proactive monitoring and configuring BitLocker policies to mitigate risks. ### Meeting Takeaways 1. **Bitdefender’s … Read more
November 13, 2024 at 09:24AM Bitdefender has released a decryptor for the ShrinkLocker ransomware, which exploits Windows BitLocker to encrypt files. Despite its low sophistication, it has caused significant damage in attacks on organizations, including healthcare. The decryptor allows victims to recover files when used promptly, targeting specific configurations of BitLocker protection. ### Meeting Takeaways … Read more
August 9, 2024 at 02:48PM An analysis of Solarman and Deye Cloud for managing solar power installations uncovered vulnerabilities in their cloud APIs. Bitdefender researchers found that unauthorized parties could alter inverter settings and access personally identifiable information via these APIs. Potential consequences include destabilizing the power grid and compromising a significant amount of solar … Read more
August 8, 2024 at 09:18AM Bitdefender researchers found critical vulnerabilities in widely used Solarman and Deye solar power systems, potentially enabling attackers to cause disruption and blackouts. The flaws allowed attackers to take control of accounts, manipulate inverters, and access sensitive data. Bitdefender reported the findings and patches were deployed in the summer. Robust cybersecurity … Read more
July 29, 2024 at 06:29PM A new variant of the Android spyware ‘Mandrake’ was discovered in five Google Play apps downloaded 32,000 times. Kaspersky found the updated version with enhanced obfuscation and evasion, entering through these apps. The spyware operates stealthily, prompting users to install further malicious APKs. Android users are urged to be cautious … Read more
May 23, 2024 at 07:22AM A Chinese threat group known as Unfading Sea Haze has been targeting military and government entities in the South China Sea for over six years, utilizing sophisticated tools and tactics including spear-phishing, backdoors, and commercially available remote monitoring and management tools. The group’s activities align with Beijing’s interests, indicating potential … Read more
May 22, 2024 at 09:32AM “Unfading Sea Haze,” a previously unknown threat actor, is targeting military and government entities in the South China Sea region, displaying alignment with Chinese geo-political interests. Their attacks involve abusing MSBuild for fileless malware and deploying various tools such as custom keyloggers and info-stealers. To counter these attacks, organizations require … Read more
April 10, 2024 at 08:30AM Bitdefender researchers found four vulnerabilities in LG TVs running WebOS versions 4 through 7. These flaws, including CVE-2023-6317 and CVE-2023-6318, could be exploited to gain unauthorized access and take control of the device. LG released patches in March 2024, but many internet-exposed instances are still vulnerable, particularly in South Korea. … Read more
April 9, 2024 at 11:37AM Bitdefender researchers discovered four critical vulnerabilities in LG WebOS used in smart TVs, allowing unauthorized access and control. Exploiting these flaws, attackers can bypass authorization, gain root access, execute arbitrary commands, and create arbitrary accounts using a PIN. LG took five months to release security updates, emphasizing the importance of … Read more