BACKGROUND: A zero-day vulnerability in Western Digital My Book Live NAS device has allowed a threat actor to perform a mass-factory reset of devices last week including admin passwords. Once reset, the user will lost the data and will not be able to access their accounts.
ISBuzz Team
BACKGROUND: The Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET). RRA is a security audit self-assessment tool for organizations that want to understand better how well they are equipped to defend against and recover from ransomware attacks targeting their information technology (IT), operational technology (OT), or industrial control system (ICS) assets.
BACKGROUND: Europol, the US Department of Justice, and Britain’s National Crime Agency have joined forces to take down a Russian-language VPN service since it is believed to be used by criminals.
Cybersecurity researchers published a proof-of-concept code to GitHub along with additional technical information. It appears this publication was accidental and the post was removed, but not before it was cloned. The PoC is, however, still available in other GitHub repositories. Originally listed in Microsoft’s June Patch Tuesday as a low severity elevation of privilege vulnerability, CVE-2021-1675 was revised on June 21 to a critical severity remote code execution flaw.
McAfee’s latest Mobile Threat Report: A Year of Lockdown Sees a Surge in Mobile Malware Targeting Banking, Billing and COVID-19 Vaccines includes key findings such as: COVID-related malware – more than 90% are in the form of Trojans; New information on Etinu mobile malware which steals SMS messages and then makes purchases charged to the user; and Between Q3 and Q4 2020: 141% increase in Banking Trojan activities.
BACKGROUND: It has been reported that multiple police forces in the UK are warning WhatsApp users about scammers that could hijack their accounts. The scam involves security codes and has existed for a while but is rearing its head again. The old scam involves a message that’s seemingly from your friend. A usually hacker poses as a friend or someone you may know in order to gain access to your account. They could then use your account to launch attacks on other people or try and scam them out of money or information.
Windows 11 will include the DNS-over-HTTPS privacy feature, which allows users to perform DNS lookups over an encrypted connection.
BACKGROUND: As reported by 9to5mac a second massive Linkedin breach reportedly exposes the data of 700M users, which is more than 92% of the total 756M users. “The database is for sale on the dark web, with records including phone numbers, physical addresses, geolocation data, and inferred salaries. The hacker who obtained the data has posted a sample of 1M records, and checks confirm that the data is both genuine and up-to-date … No passwords are included, but as the site notes, this is still valuable data that can be used for identity theft and convincing-looking phishing attempts that can…
There has been a jump in ransomware since the pandemic began and many businesses have either suffered from an attack themselves or know someone in their supply chain who has become a ransomware victim. Ransomware-as-a-Service is also a fast-emerging threat so we spoke to Sean Tickle, Head of CyberGuard Technologies, to learn whether companies should pay the demand to end ransomware attacks or not, and what the cost of paying the demand could truly be. How has ransomware grown in the last few years? Sean Tickle: One of the most worrying trends of 2020 has been the increased level of ransomware attacks against…
The Microsoft Threat Intelligence Center said it’s been tracking recent activity from Nobelium, a Russia-based hacking group best known for the SolarWinds cyberattack of December 2020, and that the group managed to use information gleaned from a Microsoft worker’s device in attacks. Microsoft said it “detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers” and that “the actor used this information in some cases to launch highly-targeted attacks as part of their broader campaign.” The affected customers were notified of the breach.…