CyberSec Roundup
A synopsis of the Latest Cybersecurity News
DarkSide Hits Colonial Pipeline
Colonial Pipeline, the largest refined products pipeline system in the U.S, disclosed last week that they temporarily paused operations due to a ransomware attack. Cybersecurity firm FireEye’s is assisting the company with the investigation into the incident, where the DarkSide ransomware group appears to be responsible.
Foxit PDF Vulnerability
A very serious vulnerability has been found in the Foxit PDF reader software. The vulnerability, tracked as CVE-2021-21822, can be exploited via the software’s V8 JavaScript engine. An infected PDF document can allow an attacker to exploit the vulnerability and execute arbitrary commands or code on a victim’s machine. Foxit has a patch available to fix the issue.
Pirating leads to Ransomware Attack
The cybersecurity firm Sophos disclosed that a biomolecular facility in Europe was the victim of a ransomware attack which caused them to lose a week’s worth of research data. They became infected when a student decided to install cracked software on their machine, which was also infected with a trojan. The student used this machine to remotely access to the facility, where the attackers were then able to infect the facility’s network with Ryuk ransomware. Despite the irresponsibility of the student, stricter remote access controls may have helped to prevent this attack.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker