CyberSec Roundup A synopsis of the Latest Cybersecurity News   $610 Million Crypto Heist Poly Network was the victim of the biggest heist in decentralized finance history. Poly Network facilitates token transfers between the Binance, Ethereum and Polygon blockchains using smart contracts. There was a vulnerability in one of these smart contracts where the hackers[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Gigabyte Technology attacked by RansomEXX Gigabyte Technology was the victim of a ransomware attack, perpetrated by the RansomEXX ransomware group. Gigabyte confirmed the attack and reported that they were required to shut down many of their systems as a result of the incident, which most[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   LemonDuck Attacks Windows and Linux LemonDuck started as a crypto-mining malware, but now it has developed over time into a very dangerous and sophisticated piece of malware. According to Microsoft’s 365 Defender Threat Intelligence Team, it steals credentials, removes security controls, spreads rapidly via emails[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   New Attack to Hack Windows Domain Controllers French security researcher Topotam discovered a new NTLM relay attack that can be used to take control of Windows domain controllers and other Windows servers. Typically, this attack would utilize the MS-RPRN printing API which could be mitigated[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   REvil Ransomware Operation Disappears The REvil ransomware group seems to have vanished! The group has multiple sites on the darknet and the clearnet, which all appear to be offline; this includes the data leak Happy Blog site and their payment portal. It is unclear at[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Malware targeting Latin American Countries ESET security researchers have uncovered a malicious campaign called Bandidos, which is being used to spy on corporate Latin American networks, particularly in Venezuela. The threat actors are using an upgraded version of the Bandook remote access trojan. ESET’s telemetry[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Major Supply Chain Attack The REvil ransomware group scored a major coup on Friday when they managed to take advantage of a zero-day vulnerability in the Kaseya VSA tool. Kaseya VSA is a powerful tool used by many I.T. managed services providers to manage and[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Mercedes-Benz Leaks Customer Data Mercedes-Benz informed their customers that there was a data breach from one of their vendors where approximately 1.6 million records were accessed. Less than 1000 customers would have been affected, but the data accessed included personal information such as driver license[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News   Carnival Data Breach Last week Carnival Corporation disclosed that the company suffered a serious cyber event, where there was a breach of their I.T. infrastructure. The company contracted a cybersecurity firm to investigate the incident, and they discovered that the hackers gained access to personal[…]

CyberSec Roundup A synopsis of the Latest Cybersecurity News Slilpp Marketplace shutdown A cyber operation which involved a joint law enforcement effort from the U.S., Germany, the Netherlands, and Romania has resulted in the closure of the SLilpp marketplace. It was known as the largest online marketplace for stolen login credentials since 2012. Slilpp had[…]