CyberSec Roundup
A synopsis of the Latest Cybersecurity News
South African Government Agency hit by Ransomware Attack
The Department of Justice and Constitutional Development in South Africa confirmed that their network was hit with a ransomware attack early in September. As a result of their information systems being encrypted, many of the department’s electronic services, such as email and issuing letters of authority, have been interrupted. Their IT department is currently working with state agencies to investigate the issue.
TTEC Ransomware Attack
TTEC, the American customer experience technology and services company, was the victim of a ransomware attack by the Ragnar Locker ransomware group. The severity of the attack is unknown, but activities at various company facilities have been disrupted. The company is actively investigating the incident, and initial findings do not indicate that any client data was compromised.
CISA Zoho ManageEngine Warning
CISA is imploring organizations that use ManageEngine ADSelfService Plus (a password management and single sign-on solution) to apply the most recent updates to fix a critical vulnerability tracked as CVE-2021-40539. The vulnerability could allow an attacker to remotely take control of a system via the remote code execution vulnerability. Threat actors have already begun exploiting the bug, and have hit businesses in various sectors, such as manufacturing, communications and finance.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)