Microsoft released fixes for over 60 CVEs this month including two zero-day vulnerabilities, one of which is being actively exploited in the wild.
ISBuzz Team
Following the news that: New approach to ransomware encryption threatens to undermine cyber security strategies New approach to ransomware encryption threatens to undermine cyber security strategies | IT PRO
Albania announced last week it was severing ties with Iran after discovering it was behind devastating attacks against the country in July. However, following Albania’s announcement, the country suffered fresh cyberattacks over the weekend which affected border control. The latest cyber-attack on Albanian institutions caused queues on border points during the weekend, where the registration of citizens and vehicles entering and leaving the country had to be done manually. Prime Minister Edi Rama said the latest cyber-attack “was made by the same aggressors”, meaning Iran.
HYCU researchers are reporting 65% of respondents lack full confidence in their legacy backup solutions (HYCU’s in the multi-cloud backup-as-a-service biz). Excerpts According to the report, 65% of surveyed enterprise organizations are increasing spending on detection, prevention and recovery, and respondents are beginning to understand that air-gapped or immutable backups are the only ways to ensure that the backups themselves don’t fall prey to encryption worms when ransomware hits. Key findings include: ● 52% of ransomware victims suffered data loss ● 63% of victims suffered an operational disruption ● Just 41% air gap their backups ● Just 47% routinely test…
Researchers have uncovered a new campaign targeting U.S., Canadian and Japanese energy providers to the North Korean Lazarus APT hacking group. The initial vector was the exploitation of the Log4j vulnerability on exposed VMware Horizon servers which was used to gain an initial foothold into targeted organizations https://blog.talosintelligence.com/2022/09/lazarus-three-rats.html
Jeremy Kirk, the editor over at ISMG reported on Twitter last night that the Vice society was claiming responsibility for the LA School District cyberattack. The Vice Society is a “double extortion” ransomware group, meaning they encrypt the data and also threaten to publish it.
The adoption of cryptocurrency is continuously increasing. With the many advantages such as the efficiency and transparency of payments, it is no surprise that financial institutions are eager to get involved in crypto. At BanklessTimes.com we have analysed the newest research on the mainstream adoption of cryptocurrencies and the issues associated with its use. Key Takeaways: 76% of global financial institutions plan on using crypto within the next three years.Financial Services firms added three times as many crypto jobs last year compared to 2015.The number of Coinbase users has reached over 8 million.Regulations or the lack of regulations in crypto are still an issue for many financial institutions.
It has been reported that Uber’s former security officer, Joe Sullivan, is standing trial this week in what is believed to be the first case of an executive facing criminal charges in relation to a data breach. The US district court in San Francisco will start hearing arguments on whether Sullivan, the former head of security at the ride share giant, failed to properly disclose a 2016 data breach affecting 57 million Uber riders and drivers around the world. The full story can be found here: https://www.theguardian.com/technology/2022/sep/06/uber-joe-sullivan-trial-security-data-breach Commenting on this story:
WH Smith is feeling the effects of a cyber-attack on its subsidiary, Funky Pigeon. The attack occurred in April but its significant adverse affects on the retailer have only been reported today.
I wanted to reach out to put some news on your radar (if it’s not already). Holiday Inn owner, Intercontinental Hotels Group (IHG), has confirmed the company has been hit by a cyber-attack. IHG, which has some of the world’s largest hotel chains, issued a statement saying it was investigating “unauthorized access” to a number of its technology systems. The UK-based company said its “booking channels and other applications” had been disrupted since Monday. This continues a worrying trend following breach in 2017.