Researchers at Vectra have identified an attack path that enables malicious actors with file system access to steal credentials for any Microsoft Teams user who is signed in. Attackers do not require elevated permissions to read these files, which exposes this concern to any attack that provides malicious actors with local or remote system access. Additionally, this vulnerability was determined to impact all commercial and GCC Desktop Teams clients for Windows, Mac, and Linux. Microsoft Teams is an Electron-based app. Electron works by creating a web application that runs through a customised browser. This is very convenient and makes development quick and easy.…
ISBuzz Team
Cyber insurance provider, Coalition, has announced the mid-year update to its 2022 Cyber Claims Report detailing the evolution of cyber trends, revealing that small businesses have become bigger targets, overall incidents are down, and ransomware attacks are declining as demands go unpaid.
Following the news that: U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks] U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks (thehackernews.com)
It has been reported that agencies will require software vendors to self-certify that they’re following secure development practices under new White House guidance, but it leaves the door open for departments to mandate third-party security assessments as well. The new guidance from the Office of Management and Budget, “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices,” stems from last year’s cybersecurity executive order. It applies to agencies’ use of third-party software, in turn affecting the vast array of contractors and software producers in the federal procurement ecosystem.
Following news that the Daixin Team ransomware group has threatened to leak over 1 million medical records (https://www.theregister.com/2022/09/14/ransomware_medical_groups/), cyber security experts reacted below.
According to a new report, the FBI has identified an increasing number of vulnerabilities posed by unpatched medical devices that run on outdated software and devices that lack adequate security features. Cyber threat actors exploiting medical device vulnerabilities adversely impact healthcare facilities’ operational functions, patient safety, data confidentiality, and data integrity. Medical device vulnerabilities predominantly stem from device hardware design and device software management. Routine challenges include the use of standardised configurations, specialized configurations, including a substantial number of managed devices on the network, lack of device embedded security features, and the inability to upgrade those features. This comes after…
As Montenegro battles with a massive cyberattack, its computers are unplugged, the internet switched off and websites down. Reports today suggest pro-Russian hackers are behind the attack on the NATO state.
It has been reported that Canadian Solar, the manufacturer of solar PV modules, has claimed to be hacked by a ransomware known as LockBit 3.0 ransomware. The hackers have claimed a ransom amount from the company and have given a deadline to pay the amount till 13 September 2022. For extending the leak to the next 24 hours, the company has to pay a ransom amount of $10,000. And to destroy all the hacked data, the hackers have claimed around $20,000 of ransom from the company. Also, for downloading the stolen data, the hackers demanded $20,000. However, if the company…
It has been reported that two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs. Daixin Team has taken credit for a September 1 assault on Texas-based OakBend Medical Center, causing a shutdown of the organization’s communication and IT systems as well as exfiltrating internal data. The criminals claim to have stolen more than a million records including names, dates of birth, Social Security numbers, and patient treatment information. The full story can be found here: https://www.theregister.com/2022/09/14/ransomware_medical_groups/
According to Metro, hackers are adopting a new phishing scam by disguising malware as WeTransfer links. The scam involves hackers sending a ‘Proof of Payment’ document from WeTransfer, but instead sharing a link containing malware.WeTransfer is a free file-sharing site used by several workers and businesses. Hackers have figured out a way to use this to get around security software that detects URLs in emails.Cybersecurity researchers from Cofense have found that hackers are now distributing malware called Lampion using misleading links.