Security daily (22-09-2021)

CISA, FBI, NSA warn of increased attacks involving Conti ransomware

The Department of Homeland Security’s cybersecurity agency, the FBI and National Security Agency urged organizations in an alert Wednesday to update their systems amid an increase in Conti ransomware attacks. DHS’ Cybersecurity and Infrastructure Security Agency and the FBI reported over 400 attacks using Conti ransomware against mostly U.S. targets between spring 2020 and spring 2021. The group primarily runs “double extortion” campaigns in which hackers encrypt and steal files. In the scheme, they demand a ransom from the victim in order to restore access to the systems; if the victim doesn’t pay, the actors threaten to leak the stolen data. At least 16 of the 400 reported attacks targeted U.S. health care providers and first responder networks, the FBI reported in May. The Conti ransomware gang has already been linked to several major attacks this year. In June the gang stole roughly 18,000 files from the Tulsa police, leaking […] (CyberScoop)

UK government group that is relocating Afghan interpreters exposed their sensitive email addresses

British government officials apologized after the U.K.’s Ministry of Defense exposed data about Afghan interpreters who worked with British troops in the Middle East, a slip that could have exposed the identities of people who are at risk of harassment and death. Email addresses belonging to more than 250 people who sought a move to the U.K. were exposed when a British defense official copied all the addresses in a single message, the BBC first reported. Email recipients could have opened the message to view the other names, and access profile pictures associated with interpreters. Afghan interpreters and their families have been the subject of intense focus for the Taliban, which has reportedly killed people who aided U.S. and British troops in the wake of the military pull out in August. The email in question was sent by the U.K.’s Afghan Relocations and Assistance Program team, the group leading an […] (CyberScoop)

VMware patch bulletin warns: “This needs your immediate attention.”

"It is a matter of time before working exploits are available," warns VMware. (Naked Security)

Facebook May Have Paid Off The FTC To Protect Zuckerberg From Cambridge Analytica Scandal

(News ≈ Packet Storm)

How The Mafia Is Pivoting To Cybercrime

(News ≈ Packet Storm)

TikTok, GitHub, Facebook Join Open Source Bug Bounty

(News ≈ Packet Storm)

Confluence Code Exec Flaw Being Used By Crypto Miners

(News ≈ Packet Storm)

What is Cryptocurrency?

Cryptocurrency is best thought of as a digital currency that only exists on computers. It is transferred between peers (there is no middleman like a bank). Transactions are then recorded on a digital public ledger called the “blockchain”. Transaction data and the ledger are encrypted using cryptography. That is why it is called “crypto” “currency”. Cryptocurrency Main Features: Let’s dig into how cryptocurrency works. Decentralized and Distributed: Cryptocurrencies are decentralized and distributed. (Sucuri Blog)

How Cynet's Response Automation Helps Organizations Mitigate Cyber Threats

One of the determining factors of how much damage a cyber-attack causes is how fast organizations can respond to it. Time to response is critical for security teams, and it is a major hurdle for leaner teams. To help improve this metric and enhance organizations’ ability to respond to attacks quickly, many endpoint detection and response (EDR) and extended detection and response (XDR) vendors (The Hacker News)

Crystal Valley Farm Coop Hit with Ransomware

It's the second agricultural business to be seized this week and portends a bitter harvest with yet another nasty jab at critical infrastructure. (Threatpost)

Netgear SOHO Security Bug Allows RCE, Corporate Attacks

The issue lies in a parental-control function that's always enabled by default, even if users don't configure for child security. (Threatpost)


/security-daily/ 23-09-2021 23:44:22