
IT Security Newsletter - 3/10/2022

Top News

CISA updates Conti ransomware alert with nearly 100 domain names

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware with indicators of compromise (IoCs) consisting of close to 100 domain names used in malicious operations. Originally published on September 22, 2021, the advisory includes details observed by CISA and the Federal Bureau of Investigation (FBI) in Conti ransomware attacks targeting organizations in the U.S. The updated cybersecurity advisory contains data from the U.S. Secret Service.

Hacking

Vodafone Investigating Source Code Theft Claims

The hacker group, calling itself "Lapsus$," claims to have obtained roughly 200 Gb of source code files, allegedly representing approximately 5,000 GitHub repositories. In an emailed statement, Vodafone confirmed that it's aware of the claims and said an investigation has been launched. "We are investigating the claim together with law enforcement, and at this point we cannot comment on the credibility of the claim," Vodafone told SecurityWeek.

Malware

REvil member accused of Kaseya ransomware attack arraigned in Texas

The Russian government in January said it arrested eight members of the group. U.S. Attorney General Merrick Garland said at the time the malware has been "deployed" against roughly 175,000 computers worldwide, generating at least $200 million in extortion fees. The Justice Department extradited and arraigned a member of the REvil ransomware group accused of conducting multiple ransomware attacks, including the July attack against Florida-based IT and security firm Kaseya.


Russia May Use Ransomware Payouts to Avoid Sanctions

Russia may ramp up ransomware attacks against the United States as a way to avoid sanctions levied against the nation and Vladimir Putin's government for its invasion of Ukraine, U.S. federal authorities are warning. The Financial Crimes Enforcement Network (FinCEN) issued a FinCEN Alert (PDF) on Wednesday advising all financial institutions to remain vigilant against potential efforts to evade the expansive sanctions and other U.S.-imposed restrictions related to the current conflict.


Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads

The Qakbot botnet is getting more dangerous, sinking its fangs into email threads and injecting malicious modules to pump up the core botnet's powers. On Thursday, Sophos published a deep dive into the botnet, describing how researchers have recently seen it spreading through email thread hijacking - an attack in which malware operators malspam replies to ongoing email threads.

Information Security

Why You Should Be Using CISA's Catalog of Exploited Vulns

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued Binding Operations Directive 22-01 aimed at reducing risk associated with actively exploited vulnerabilities. The directive was accompanied by a catalog of known exploited vulnerabilities maintained by CISA that includes mandatory remediation deadlines. Essentially, it means "fix these fast or else" for applicable agencies and organizations.


Ukraine invasion: This may be the quiet before the cyber-storm, IT staff warned

As the invasion of Ukraine heads into its third week with NATO allies ratcheting up sanctions against Russia, infosec vendors have urged Western governments and businesses to prepare for retaliatory cyberattacks. According to Mandiant, Ukraine remains the top target for destructive or disruptive cyberattacks. That said, several US and EU sectors including government, financial services, energy and utilities, and transportation face a "moderate-high" risk of attack from Kremlin-backed miscreants.

Exploits/Vulnerabilities

Intel, AMD, Arm warn of new speculative execution CPU bugs

Security researchers have found a new way to bypass existing hardware-based defenses for speculative execution in modern computer processors from Intel, AMD, and Arm. Today, the three CPU manufacturers have published advisories accompanied by mitigation updates and security recommendations to tackle recently discovered issues that allow leaking of sensitive information despite isolation-based protections.

On This Date

  • ...in 1876, the first discernible speech is transmitted over a telephone system by inventor Alexander Graham Bell.
  • ...in 1971, actor Jon Hamm ("Mad Men", "Unbreakable Kimmy Schmidt") is born in St. Louis, MO.
  • ...in 1977, astronomers James Elliot, Edward Dunham, and Jessica Mink definitively confirm that the planet Uranus has rings.
  • ...in 2000, the NASDAQ Composite index peaks at 5,048.62, marking the beginning of the end for the early online boom known as the "Dot-com bubble."