Latest News

2021/07/06

A 'Colossal' Ransomware Attack Hits Hundreds Of U.S. Companies, A Security Firm Says

WASHINGTON (AP) — A ransomware attack paralyzed the networks of at least 200 U.S. companies on Friday, according to a cybersecurity researcher whose company was responding to the incident.

The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack, said John Hammond of the security firm Huntress Labs. He said the criminals targeted a software supplier called Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. Other researchers agreed with Hammond's assessment.
Source: www.npr.org
2021/06/29

Microsoft Signs Malware That Spreads Through Gaming

The driver, called “Netfilter,” is a rootkit that talks to Chinese C2 IPs and aims to spoof gamers’ geo-locations to cheat the system and play from anywhere, Microsoft said.

Microsoft signed a driver being distributed within gaming environments that turned out to be a malicious network filter rootkit.

G DATA malware analyst Karsten Hahn first noticed the rootkit, publicly posting the find on June 17 and simultaneously reaching out to Microsoft. Hahn noted that the code – a third-party driver for Windows named Netfilter that has been circulating in the gaming community – connected to an IP address in China.
2021/06/10

Intel Plugs 29 Holes in CPUs, Bluetooth, Security

Intel has unleashed 29 security advisories to plug up some serious bugs in the BIOS firmware for Intel processors, as well as in its Bluetooth products, Active Management Technology tools, the NUC Mini PC line, and, ironically, in its own security library.

Details about the advisories can be found at Intel’s Product Security Center.

Intel’s senior director of communications, Jerry Bryant, said in a blog post on Wednesday that Intel’s mostly digging these security issues up internally – as in, 95 percent – through its own diligence, with big chunks of them coming through its bugs bounty program and the company’s own research.
2021/05/26

Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now!

VMware has rolled out patches to address a critical security vulnerability in vCenter Server that could be leveraged by an adversary to execute arbitrary code on the server.

Tracked as CVE-2021-21985 (CVSS score 9.8), the issue stems from a lack of input validation in the Virtual SAN (vSAN) Health Check plug-in, which is enabled by default in the vCenter Server. "A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server," VMware said in its advisory.
2021/05/26

Apple Patches Zero-Day Flaw in MacOS that Allows for Sneaky Screenshots

Apple has patched a critical bug in macOS that could be exploited to take screenshots of someone’s computer and capture images of their activity within applications or on video conferences without that person knowing.

Apple addressed the vulnerability—discovered by researchers at enterprise cybersecurity firm Jamf— in the latest version of macOS, Big Sur 11.4, released on Monday, the company told Forbes, according to a published report.