CyberSec Roundup
A synopsis of the Latest Cybersecurity News
Gigabyte Technology attacked by RansomEXX
Gigabyte Technology was the victim of a ransomware attack, perpetrated by the RansomEXX ransomware group. Gigabyte confirmed the attack and reported that they were required to shut down many of their systems as a result of the incident, which most noticeably affected their support website. RansomEXX claims to have taken 112 GB of information from Gigabyte’s internal network and the American Megatrends Git Repository.
Cisco ASDM Vulnerability
Cisco reported that their Adaptive Security Device Manager (ADSM) which provides a web interface for configuring their Adaptive Security Appliance firewalls has a remote code execution vulnerability. It is being tracked as CVE-2021-1585, and could allow an unauthenticated attacker to remotely execute code on the target’s system. There is currently no patch or workaround for this issue, but Cisco is working on one.
ACSC Alert
The Australian Cyber Security Centre is warning local organizations to be vigilant against ransomware attacks. Last week they reported that they have become aware of several Australian organizations, across various business sectors, have been hit by LockBit 2.0 ransomware. The LockBit attackers have been calling in their ransoms with threats to publish any stolen data. Businesses are urged to implement mitigation controls to prevent future attacks.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)