BACKGROUND: You should update your iphone right now says cnet. Apple releases security patch for an active exploit. Details are scarce, but it’s a good idea to update your device as soon as you’re able. Apple just released an update for iOS and iPadOS 15.0.2, which fixes a security bug on Apple devices. Notably, Apple says that the bug “may have been actively exploited,” which means you should update your device right now. Monday’s update fixes a memory corruption issue that might have allowed some apps to “execute arbitrary code with kernel privileges,” according to Apple’s support page. Translation? Hackers…
Author: ISBuzz Team
BACKGROUND: News broke last night that engineering company, The Weir Group, was hit by a “sophisticated attempted ransomware attack” in mid-September. Whilst no sensitive data has been released, IT systems were shut down which is expected to have a considerable impact on operations and revenue into Q4.
BACKGROUND: New research from Ermetic The Urgent Threat of Ransomware to S3 Buckets. Researchers detail how compromised identities could easily deliver ransomware into the system. Here’s the overview of the research. AWS S3 buckets are regarded as highly reliable, so have come to be used with great confidence. What most cloud security stakeholders don’t realize is that S3 buckets face a great security risk, from an unexpected source: identities. A compromised identity with a toxic combination of entitlements can easily perform ransomware on an organization’s data. In recent research, we used the Ermetic analysis engine on a sampling of real…
BACKGROUND: The recent Silicon Valley VC Firm Deal Flow Leak exposed 6GB of sensitive data including deal flow information pertaining to investors and startups, cybersecurity expert reacted below.
BACKGROUND: Earlier this week, threat researchers at Sophos discovered a new strain of ransomware, written in Python and designed to deploy ransomware unusually fast. The strain was used to compromise and encrypt virtual machines hosted on an ESXi hypervisor.
BACKGROUND: As reported by the Daily Mail, secret plans for a suite of enhanced weapons, potentially for use by Britain’s Special Forces, have been revealed in an astonishing new security blunder by defence officials. Details of research into the next generation of munitions appeared to have been safely redacted in a document marked ‘Official Sensitive’ and posted on a Government website. But The Mail on Sunday revealed that simply by copying and pasting the text, every blanked-out detail can be read. The Ministry of Defence last night said it was taking action to correct the security breach after the Mail…
BACKGROUND: New research by academics at Trinity College Dublin and the University of Edinburgh has revealed extensive no opt-out data collection on Android devices. The researcher found that a range of popular Android mobile phones are sharing the data with third parties with no opt-out available to the user. Cybersecurity experts provide insight on this research below.
BACKGROUND: Mandiant has announced it upgraded a financially-motivated threat actor to “FIN12.”FIN12 has deliberately and aggressively targeted healthcare facilities with ransomware throughout the pandemic, and has accounted for nearly 20% of all ransomware intrusions Mandiant has responded to in the last year. Unlike other ransomware operations seen today, FIN12 does not focus on stealing data to use for extortion, and instead prioritizes speed in their operations. As a result, their average time-to-ransom is around 2.5 days which is roughly twice as fast as other ransomware gangs. This highlights a growing concern that threat actors are improving not just in terms of volume due to larger teams, but also efficiency…
BACKGROUND: The Des Moines Register reports on a cyberattack on Farmers Cooperative Elevator Co. of Arcadia IA by the BlackByte ransomware gang. BlackByte warns it will expose 100 gigabytes of sensitive data such as financial, sales and accounting information, should its ransom demand go unmet. The attack follows September cyberattacks on The New Cooperative, a 60-site farm services organization in Ft. Dodge IA that is still is working to restore operations, and the Crystal Valley Cooperative, a leading farm and grain cooperative headquartered in Mankato, Minnesota. Five cybersecurity experts offer perspective.
BACKGROUND: It has been reported that a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organisations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed the attacks “Operation Ghostshell,” pointing out the use of a previously undocumented and stealthy remote access trojan (RAT) called ShellClient that’s deployed as the main spy tool of choice. The first sign of the attacks was observed in July 2021 against a handpicked set of victims, indicating a…
