A UK cloud-based warehouse management software provider was struck by ransomware earlier this week. Emails from SnapFulfil, a trading name of Synergy Logistics, sent to its customers late last week and shown to The Register, revealed how a ransomware attack targeted the company's services, disrupting warehouse operations for at least one of its customers. "We have been targeted by a ransomware attacker. We believe the data is safe. All the work done over the last few days has included additional security. READ MORE...
A hacker has released the databases of Utah-based gun exchange, hunting, and kratom sites for free on a cybercrime forum. On August 10th, a threat actor posted databases that they claim contain 195,000 user records for utahgunexchange.com, 45,000 records for their video site, 15,000 records from the hunting site muleyfreak.com, and 24,000 user records from the kratom site deepjunglekratom.com. All of these sites are based out of Utah, USA, and samples of the databases shared by cybersecurity intelligence. READ MORE...
The Maze hacker gang claims it has infected computer memory maker SK hynix with ransomware and leaked some of the files it stole. The South Korean semiconductor giant could not be reached for comment. For what it's worth, the Maze crew doesn't tend to need to fib about these sort of things. When it claims to have infiltrated a victim - and it has pwned a great deal of organizations lately - it usually publicly shares data stolen from the compromised network as proof. And such is the case with SK hynix. READ MORE...
Some years ago I visited the fabulous site of Bletchley Park, home of the UK's then-secret code-breaking efforts during World War II, where Alan Turing and other brilliant minds cracked encrypted messages sent by the Nazis. So when I received a letter from Bletchley Park in the post today, I imagined it would invite me to return, containing information about how they're handling visits during the pandemic. Unfortunately, the news wasn't so good. READ MORE...
Many enterprises have realized that the IoT presents tremendous business opportunities. The IoT can help businesses stay agile in changing situations and maintain a high level of visibility into operations, while positively impacting their bottom line. According to a BI Intelligence report, those who adopt IoT can experience increased productivity, reduced operating costs and expansion into new markets. Yet despite this proven success, security concerns have historically been a barrier to IoT adoption for enterprises. READ MORE...
The unique, advanced worming P2P botnet drops backdoors and cryptominers, and is spreading globally. A peer-to-peer (P2P) botnet called FritzFrog has hopped onto the scene, and researchers said it has been actively breaching SSH servers since January. SSH servers are pieces of software found in routers and IoT devices, among other machines, and they use the secure shell protocol to accept connections from remote computers. SSH servers are common in enterprise and consumer environments alike. READ MORE...
A hybrid DDoS botnet known for turning vulnerable Windows devices into Monero cryptomining bots is now also scanning for and infecting Linux systems. While the botnet's authors named it Satan DDoS, security researchers are calling it Lucifer to differentiate it from Satan ransomware. Besides adding Linux targeting support, Lucifer's creators have also expanded the Windows version's capabilities to steal credentials and escalate privileges using the Mimikatz post-exploitation tool. READ MORE...
More than 70% of ICS vulnerabilities disclosed in the first half of 2020 can be exploited remotely, highlighting the importance of protecting internet-facing ICS devices and remote access connections, according to Claroty. The report comprises The Claroty Research Team's assessment of 365 ICS vulnerabilities published by the National Vulnerability Database (NVD) and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) during 1H 2020, affecting 53 vendors. READ MORE...
Andy Greenberg at Wired has published an interesting article, describing how there has been a spate of "phone spear phishing" attacks since celebrity accounts on Twitter were very publicly compromised last month. You will remember that Twitter confirmed that members of staff were rung up by scammers, who then socially engineered their victims into handing over credentials which gave the hackers access to Twitter's internal tools. Those tools, which should have only been available to authorised personnel. READ MORE...
A vulnerability in Thales' Cinterion EHS8 M2M module, a Java-powered embedded 3G system used in millions of Internet-of-Things devices for connectivity, was revealed yesterday by IBM's X-Force Red. The bug (CVE-2020-15858), disclosed to Thales and addressed in a patch made available to IoT vendors in February, makes it possible for an attacker to, for instance, extract the code and other resources from a vulnerable device. This information could be reverse-engineered to find vulnerabilities to exploit. READ MORE...