IT Security Newsletter

IT Security Newsletter - 5/10/2022

Written by Cadre | Tue, May 10, 2022

Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating

Researchers are marveling at the scope and magnitude of a vulnerability that hackers are actively exploiting to take full control of network devices that run on some of the world's biggest and most sensitive networks. The vulnerability, which carries a 9.8 severity rating out of a possible 10, affects F5's BIG-IP, a line of appliances that organizations use as load balancers, firewalls, and for inspection and encryption of data passing into and out of networks. READ MORE...

Lincoln College to close after 157 years due to ransomware attack

Lincoln College, a liberal-arts school from rural Illinois, says it will close its doors later this month, 157 years since its founding and following a brutal hit on its finances from the COVID-19 pandemic and a recent ransomware attack. This decision was made even harder with the college having survived multiple disasters, including a major fire in 1912, the Spanish flu, the Great Depression, the World Wars, and the 2008 global financial crisis. READ MORE...

Tractor giant AGCO hit by ransomware, halts production and sends home staff

A ransomware attack which hit agricultural equipment manufacturer AGCO has caused it to shut down some of its manufacturing facilities and send staff home. The firm acknowledged last week that its systems had been hit by ransomware, and that some of its production facilities had been impacted. Employees at its plant in Marktoberdorf, Germany, were sent home, as were assembly line workers at production lines in Beauvais, France. READ MORE...

Welcome "Frappo" - Resecurity identified a new Phishing-as-a-Service

The Resecurity HUNTER unit identified a new underground service called "Frappo", which is available on the Dark Web. "Frappo" acts as a Phishing-as-a-Service and enables cybercriminals to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online services to steal customer data. The platform has been built by cybercriminals to leverage spam campaigns which distribute professional phishing content. READ MORE...

Low-rent RAT Worries Researchers

For about the price of a cup of Starbucks latte, a hacker is renting out a remote access trojan designed to backdoor targeted networks. Dubbed as Dark Crystal RAT (or DCRat), the malware is being peddled online to hackers in Russian by a lone rookie malware writer with a penchant for cut-rate pricing. BlackBerry said sales of the budget RAT are being facilitated by the cybercriminal that goes by the name "boldenis44" or "crystalcoder." READ MORE...

NFTs Emerge as the Next Enterprise Attack Vector

A recent malware campaign that targeted online artists with a lure about lucrative nonfungible token (NFT) projects is a good indication of how threat actors are capitalizing on the snowballing interest in digital goods - and it has implications for the growing number of corporate brands trying to ride the NFT wave, too. The campaign, which researchers from Malwarebytes observed, involved messages purporting to be from NFT project Cyberpunk Ape Executives. READ MORE...

Conti Ransomware Attack Spurs State of Emergency in Costa Rica

Costa Rican President Rodrigo Chaves declared a state of national cybersecurity emergency over the weekend following a financially motivated Conti ransomware attack against his administration that has hamstrung the government and economy of the Latin American nation. The attack, attributed to the prolific Conti ransomware group, occurred three weeks ago, not long after Chaves took office; in fact, the state of emergency was one of his first decrees as president. READ MORE...

How to Check If Your F5 BIG-IP Device Is Vulnerable

Heads up for network administrators with F5's BIG-IP family of networking devices in their environment: There is a new security update available for the newly disclosed critical remote code execution vulnerability (CVE-2022-1388). Several security researchers have already created working exploits, so administrators need to move quickly and secure their networks before the attackers come knocking. READ MORE...

  • ...in 1869, a ceremonial golden spike is driven to connect the Central Pacific and Union Pacific railroads, officially dedicating the First Transcontinental Railroad.
  • ...in 1899, classic Hollywood dancer and singer Fred Astaire is born in Omaha, NE.
  • ...in 1962, Marvel Comics publishes the first issue of "The Incredible Hulk."
  • ...in 1994, Nelson Mandela is inaugurated as South Africa's first Black president.