RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE

From securityaffairs.co

RansomEXX ransomware gang hit the Taiwanese manufacturer and distributor of computer hardware GIGABYTE and claims to have stolen 112GB of data.

At the time of this writing, the leak site of the RansomEXX gang doesn’t include the company name, but BleepingComputer has learned that the attack was conducted by this ransomware gang.

The attack took place on Tuesday night. In response to the infection, the company shut down its systems to prevent the ransomware from spreading. The incident also affected multiple websites of the company, including its support site and portions of the Taiwanese website.

The company confirmed the security breach and launched an investigation into the incident with the help of external security experts.

Read more…

Black Hat 2021: WARCannon simplifies web-wide vulnerability research

From portswigger.net

An open source tool that makes grepping the internet for web vulnerabilities simpler, faster, and cheaper was unveiled at Black Hat USA today.

Security researchers and bug bounty hunters who unearth novel flaws in web applications, web frameworks, or open source components can use WARCannon to non-invasively test regex patterns across the entire internet for corresponding vulnerability indicators.

But this entails the parsing of a daunting volume of data – in the region of hundreds of terabytes.
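The approach described above amounts to streaming web-archive records and applying regex patterns to each HTTP response. The following is an added example, not WARCannon’s own code: a minimal parser for uncompressed WARC/1.0 records (the archive format the tool’s name refers to; that it consumes WARC input is assumed here) that runs a set of indicator patterns over every response record. The sample records and the two patterns (an end-of-life PHP 5 banner and a jQuery 1.x script reference) are constructed for illustration and flag outdated components only, not confirmed vulnerabilities.

```python
"""Scan WARC response records with regex "vulnerability indicator" patterns.

Added example, not WARCannon's own code. Assumes the standard WARC/1.0 record
layout: a header block ending in a blank line, then exactly Content-Length
bytes of payload, then a CRLF CRLF separator. Sample data and patterns are
constructed for demonstration only.
"""
import re
from typing import Dict, Iterator, List, Tuple

# Illustrative indicator patterns (hypothetical, not WARCannon's). They flag
# outdated components in response headers/bodies, not confirmed vulnerabilities.
PATTERNS: Dict[str, "re.Pattern[bytes]"] = {
    "eol-php5": re.compile(rb"X-Powered-By:\s*PHP/5\.", re.IGNORECASE),
    "jquery-1.x": re.compile(rb"jquery-1\.\d+(?:\.\d+)?(?:\.min)?\.js", re.IGNORECASE),
}


def iter_warc_records(data: bytes) -> Iterator[Tuple[Dict[str, str], bytes]]:
    """Yield (headers, payload) for each record in an uncompressed WARC blob."""
    pos, n = 0, len(data)
    while pos < n:
        if not data.startswith(b"WARC/", pos):
            raise ValueError(f"expected WARC record header at offset {pos}")
        end = data.index(b"\r\n\r\n", pos)           # end of the WARC header block
        header_lines = data[pos:end].split(b"\r\n")[1:]  # drop the "WARC/1.0" line
        headers: Dict[str, str] = {}
        for line in header_lines:
            key, _, value = line.decode("utf-8", "replace").partition(":")
            headers[key.strip()] = value.strip()
        length = int(headers["Content-Length"])      # payload size is authoritative
        start = end + 4
        yield headers, data[start:start + length]
        pos = start + length + 4                     # skip the mandatory CRLF CRLF


def scan_warc(data: bytes, patterns=PATTERNS) -> List[Tuple[str, str, str]]:
    """Return (target URI, pattern name, matched text) for each hit in response records."""
    hits: List[Tuple[str, str, str]] = []
    for headers, payload in iter_warc_records(data):
        if headers.get("WARC-Type") != "response":   # ignore request/metadata records
            continue
        uri = headers.get("WARC-Target-URI", "")
        for name, pattern in patterns.items():
            match = pattern.search(payload)
            if match:
                hits.append((uri, name, match.group(0).decode("latin-1")))
    return hits


def make_record(rtype: str, uri: str, payload: bytes) -> bytes:
    """Build one WARC/1.0 record with a correct Content-Length (constructed test data)."""
    header = (
        "WARC/1.0\r\n"
        f"WARC-Type: {rtype}\r\n"
        f"WARC-Target-URI: {uri}\r\n"
        f"Content-Length: {len(payload)}\r\n"
        "\r\n"
    ).encode()
    return header + payload + b"\r\n\r\n"


# Constructed sample crawl: one host with outdated components, one clean host,
# and one request record that the scanner must skip.
SAMPLE_WARC = (
    make_record("response", "http://old.example/",
                b"HTTP/1.1 200 OK\r\nX-Powered-By: PHP/5.6.40\r\nContent-Type: text/html\r\n\r\n"
                b"<script src=\"/js/jquery-1.8.3.min.js\"></script>")
    + make_record("response", "http://new.example/",
                  b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<script src=\"/js/app.js\"></script>")
    + make_record("request", "http://old.example/",
                  b"GET / HTTP/1.1\r\nHost: old.example\r\n\r\n")
)

if __name__ == "__main__":
    for uri, name, text in scan_warc(SAMPLE_WARC):
        print(f"{uri}\t{name}\t{text}")
```

Real crawl archives are gzip-compressed per record and run to hundreds of terabytes, so a production scanner streams them with a WARC library and fans the work out across many workers; the parsing and matching logic per record is what this block shows.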

Read more…

Defending universities against ransomware with cloud backups

From itproportal.com


As the back-to-school season rapidly approaches, prepping for cybersecurity threats, and particularly ransomware, should be at the top of the to-do list for any university IT department. According to recent research, from 2019 to 2020 the number of ransomware attacks US universities faced increased by 100 percent, with average losses per attack standing at over $450K. “Aggressive and urgent” action has also been called for by the Biden Administration’s Ransomware Task Force, and across the pond it’s not much better – the UK’s National Cyber Security Centre recently stated that the ransomware incidents it handled tripled in the same period.

Read more…

Telegram for Mac bug lets you save self-destructing messages forever

From bleepingcomputer.com


Researchers have discovered a way for users on Telegram for Mac to keep specific self-destructing messages forever or view them without the sender ever knowing.

Telegram offers an optional ‘Secret Chat’ mode that increases the privacy of chats by enabling a variety of additional features.

When you start a Secret Chat with another Telegram user, the connection will become end-to-end encrypted, and all messages, attachments, and media will be set to automatically self-destruct and be removed from all devices after a certain period.

However, new bugs discovered by Reegun Richard Jayapaul, Trustwave SpiderLabs’ Lead Threat Architect, allow Telegram for Mac users to save self-destructing messages and attachments forever.

When media files, other than attachments, are sent in a message, they are saved in a cache folder on disk. The article gives the path, which contains a unique number (shown as XXXXXX) associated with the account.

Read more…

Detecting Cobalt Strike: Cybercrime Attacks

From secureworks.com

Many cybercriminals that operate malware use the ubiquitous Cobalt Strike tool to drop multiple payloads after profiling a compromised network. Cobalt Strike is a commercially available and popular command and control (C2) framework used by the security community as well as a wide range of threat actors. Its feature set lets threat actors perform intrusions with precision.

Secureworks® Counter Threat Unit™ (CTU) researchers conducted a focused investigation into malicious use of Cobalt Strike to gain insights about when and how the tool has been used. This knowledge can help to secure organizations that may be targeted by threat actors with diverse motives.

Read more…

INFRA:HALT: A New Stack of Vulnerabilities That Affect Millions of OT Devices

From cyware.com

Millions of Operational Technology (OT) devices manufactured by over 200 vendors are at risk of cyberattacks following the discovery of 14 new vulnerabilities. Collectively called INFRA:HALT, these vulnerabilities affect devices used across manufacturing plants, power generation, water treatment, and other critical infrastructure organizations. 

Read more…