CyberSec Roundup A synopsis of the Latest Cybersecurity News   Conti Ransomware Hacking Exchange Servers Organizations with on-premise Exchange Servers are urged to ensure the latest security updates are applied to their servers, specifically the ones addressing the three vulnerabilities tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. The patches released in May prevent ProxyShell attacks which[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   FBI issues warning about Hive Ransomware The FBI’s most recent Flash Alert is warning businesses about the Hive Ransomware group. They use various methods to compromise networks including phishing emails and infect them with ransomware once they are in. Organizations that fall prey are required[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Recruitment Call for Insider Threats A Nigerian threat actor is attempting to solicit employees to sabotage their companies’ networks with DemonWare ransomware. Their phishing campaign is promising potential accomplices $1 million in bitcoin, or 40% of the ransom, to deploy the ransomware on a company[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   $610 Million Crypto Heist Poly Network was the victim of the biggest heist in decentralized finance history. Poly Network facilitates token transfers between the Binance, Ethereum and Polygon blockchains using smart contracts. There was a vulnerability in one of these smart contracts where the hackers[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Gigabyte Technology attacked by RansomEXX Gigabyte Technology was the victim of a ransomware attack, perpetrated by the RansomEXX ransomware group. Gigabyte confirmed the attack and reported that they were required to shut down many of their systems as a result of the incident, which most[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   LemonDuck Attacks Windows and Linux LemonDuck started as a crypto-mining malware, but now it has developed over time into a very dangerous and sophisticated piece of malware. According to Microsoft’s 365 Defender Threat Intelligence Team, it steals credentials, removes security controls, spreads rapidly via emails[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   New Attack to Hack Windows Domain Controllers French security researcher Topotam discovered a new NTLM relay attack that can be used to take control of Windows domain controllers and other Windows servers. Typically, this attack would utilize the MS-RPRN printing API which could be mitigated[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   REvil Ransomware Operation Disappears The REvil ransomware group seems to have vanished! The group has multiple sites on the darknet and the clearnet, which all appear to be offline; this includes the data leak Happy Blog site and their payment portal. It is unclear at[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Malware targeting Latin American Countries ESET security researchers have uncovered a malicious campaign called Bandidos, which is being used to spy on corporate Latin American networks, particularly in Venezuela. The threat actors are using an upgraded version of the Bandook remote access trojan. ESET’s telemetry[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Major Supply Chain Attack The REvil ransomware group scored a major coup on Friday when they managed to take advantage of a zero-day vulnerability in the Kaseya VSA tool. Kaseya VSA is a powerful tool used by many I.T. managed services providers to manage and[…]