CyberSec Roundup
A synopsis of the Latest Cybersecurity News
LemonDuck Attacks Windows and Linux
LemonDuck started as crypto-mining malware, but it has developed over time into a very dangerous and sophisticated threat. According to Microsoft’s 365 Defender Threat Intelligence Team, it steals credentials, removes security controls, and spreads rapidly via email and throughout the network. After the initial infection, the attackers can use LemonDuck to drop ransomware and other malicious software on the system. LemonDuck affects both Windows and Linux systems, but there are various ways to protect them: ensure they are patched, prevent USB devices from connecting to systems, and ensure your security software is tamper-proof.
DarkSide and REvil Re-emerge
BlackMatter is a new ransomware group that claims to be formed from the best parts of DarkSide, REvil, and LockBit. In a post on its darknet blog, the group gave assurances that it would not attack organizations in the healthcare, critical infrastructure, oil and gas, defense, non-profit, or government sectors. The group has already started to recruit partners and affiliates to its cause, and has begun to hack companies with ransomware.
UC San Diego Health Hacked
UC San Diego Health disclosed that it experienced a security event involving unauthorized access to some employee email accounts. The hackers had access between December 2020 and April 2021. During this time they had full access to personal and medical information about patients, students, and employees. As is the norm with these types of breaches, the hospital is offering free credit monitoring and identity theft protection through Experian IdentityWorks for one year.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)