October 13, 2023 at 10:12AM The US cybersecurity agency CISA has released two new resources to help organizations identify and eliminate security flaws targeted by ransomware groups. The resources include a column in the Known Exploited Vulnerabilities catalog that flags flaws associated with ransomware campaigns, and a table on the StopRansomware project’s website listing misconfigurations … Read more
October 13, 2023 at 09:19AM SecurityWeek provides a concise compilation of noteworthy cybersecurity stories. This week’s stories include the appeal of former Uber security chief Joe Sullivan against his conviction for covering up a data breach, a bounty offered for finding the NIST elliptic curve seeds, analysis of surveillance products by NSO Group competitor Intellexa, … Read more
October 13, 2023 at 07:48AM Ransomware attacks have become more sophisticated and adaptable, using new techniques and targeting vulnerabilities in networking devices. The healthcare sector has become a significant target, with a focus on stealing sensitive data. High-income organizations are preferred targets due to their ability to pay ransoms and the potential damage to their … Read more
October 13, 2023 at 07:06AM AvosLocker ransomware gang has been linked to recent attacks on critical infrastructure sectors in the U.S. The gang uses legitimate software and open-source remote administration tools to compromise networks and exfiltrate data. AvosLocker leverages sophisticated techniques to avoid detection and affects Windows, Linux, and VMware environments. The attacks rely on … Read more
October 13, 2023 at 06:18AM Dozens of vulnerabilities in the Squid caching and forwarding web proxy, discovered in 2021 by researcher Joshua Rogers, remain unpatched. Only a few flaws have been addressed, while 35 vulnerabilities still exist. The Squid Team lacks resources to address the issues, and the researcher suggests reassessing the use of Squid … Read more
October 13, 2023 at 06:18AM Microsoft has launched a bug bounty program specifically focused on vulnerabilities in its artificial intelligence (AI)-powered Bing search engine. The program offers rewards of up to $15,000 for vulnerabilities found in bing.com and associated applications. Microsoft is particularly interested in vulnerabilities related to inference manipulation, model manipulation, and inferential information … Read more
October 13, 2023 at 03:59AM Void Rabisu, a threat actor associated with financially motivated ransomware attacks, has shifted its focus to targeted campaigns on Ukraine and countries supporting Ukraine. They have developed a new variant called ROMCOM, which they used in campaigns targeting EU military personnel and political leaders working on gender equality initiatives. The … Read more
October 13, 2023 at 03:24AM The DarkGate malware is being distributed through messaging platforms like Skype and Teams. Once installed, additional malicious payloads are introduced. The campaign has been most active in the Americas, followed by Asia, the Middle East, and Africa. DarkGate is a commodity loader that executes various actions, including remote access, cryptocurrency … Read more
October 12, 2023 at 07:46PM The US government has updated the list of tools used by AvosLocker ransomware affiliates in attacks to include open-source utilities and custom PowerShell and batch scripts. The FBI and CISA have shared a YARA rule for detecting malware disguised as a legitimate network monitoring tool. AvosLocker affiliates use legitimate software … Read more
October 12, 2023 at 06:39PM In summary, the text highlights the quantum threat to cybersecurity and the need for post-quantum cryptography (PQC) to protect against it. It discusses the importance of cryptographic agility and orchestration in managing and adapting to changing cryptographic algorithms. The text also emphasizes the ongoing PQC standardization process and the need … Read more