IT Security Newsletter

IT Security Newsletter - 7/27/2021

Written by Cadre | Tue, Jul 27, 2021

S.Africa's Port Terminals Still Disrupted Days After Cyber-Attack

South Africa's state-owned logistics firm said Tuesday it was working to restore systems following a major cyber-attack last week that hit the country's key port terminals. The attack began on July 22 but continued, forcing Transnet to switch to manual systems, it said. In a letter to its customers dated Monday, the company declared a force majeure -- a clause that prevents a party from fulfilling a contract because of external and unforeseen circumstances.

APT group hits IIS web servers with deserialization flaws and memory-resident malware

A sophisticated, likely government-sponsored threat actor has been compromising major public and private organizations over the past year by exploiting deserialization flaws in public-facing ASP.NET applications to deploy fileless malware. Dubbed Praying Mantis, or TG1021, by researchers from incident response firm Sygnia, the hacker group puts a strong focus on detection evasion by using a volatile and custom malware toolset.

Patch your iPhones and Macs against "actively exploited" zero-day right now

If you're the owner of an iPhone, iPad, or Apple Mac you should update your system right now. Apple has released a major security update for its devices, after finding a zero-day flaw that the company indicates has been the focus of in-the-wild attacks by hackers, and might have been used to plant malware. As is its wont, Apple has not released any real details about the flaw, presumably in an attempt to reduce the chances of other parties exploiting the security vulnerability.

Kaseya Denies Paying Cybercriminals Who Launched Ransomware Attack

IT management software firm Kaseya on Monday said it did not pay any money to cybercriminals, following speculation that it may have paid a ransom to obtain a decryptor that would allow customers hit by the recent ransomware attack to recover their files. In early July, cybercriminals exploited vulnerabilities in Kaseya's VSA product to deliver ransomware to MSPs and their customers. The company estimated that between 800 and 1,500 organizations received the REvil ransomware.

VPN servers seized by Ukrainian authorities weren't encrypted

Privacy-tools-seller Windscribe said it failed to encrypt company VPN servers that were recently confiscated by authorities in Ukraine, a lapse that made it possible for the authorities to impersonate Windscribe servers and capture and decrypt traffic passing through them. The Ontario, Canada-based company said earlier this month that two servers hosted in Ukraine were seized as part of an investigation into activity that had occurred a year earlier.

Vulnerability in Popular Survey Tool Exploited in Possible Chinese Attacks on U.S.

A recently disclosed vulnerability affecting a popular survey creation tool has been exploited by a threat group that may be linked to China against organizations in the United States. Cybersecurity consulting and incident response solutions provider Sygnia on Tuesday published a report detailing attacks launched by a threat actor against "high-profile public and private entities" in the United States.

  • ...in 1921, at the University of Toronto, scientists Frederick Banting and Charles Best successfully isolate insulin for the first time.
  • ...in 1940, Bugs Bunny first appears on the silver screen in "A Wild Hare."
  • ...in 1949, the world's first jet-propelled airliner, the British De Havilland Comet, makes its maiden test-flight in England.
  • ...in 1953, the United States, the People's Republic of China, North Korea, and South Korea agree to an armistice, bringing the Korean War to an end.