<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 10/20/2021

SHARE

Top News

U.S. Government Issues Urgent Warning on BlackMatter Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) this week published a joint advisory to warn organizations of an increased threat posed by the BlackMatter ransomware gang. Active since July 2021, BlackMatter is believed to be the successor of DarkSide, a ransomware-as-a-service (RaaS) that shut down operations in May 2021. DarkSide was responsible for multiple high-profile ransomware attacks. READ MORE...

Breaches

Organizations lack basic cybersecurity practices to combat the growing tide of ransomware

Organizations are not equipped to defend against ransomware due to deficiencies in implementing and sustaining basic cybersecurity practices, including managing privileged administrator credentials and ensuring visibility of supply chain risk, an Axio reserach report reveals. "Ransomware is everywhere, dominating headlines, corporate board meetings and even the Biden administration's agenda," remarked the report's co-author David White, President of Axio. READ MORE...


Five game-changing factors for companies dealing with ransomware attacks

Continual innovation and growing sophistication of cloud services is giving organizations clear and practical routes to deal with ransomware attacks. The latest cloud-based file storage platforms not only enable more flexible sharing of information, but they also ensure forensic assessment and surgical recovery from attacks, without the affected firms losing productive time or having to pay the ransom. READ MORE...

Hacking

Man gets 7 years in prison for hacking 65K health care employees

Justin Sean Johnson, also known as TheDearthStar and Dearthy Star, was sentenced this week to seven years in prison for the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC). After breaching UPMC's human resources databases, Johnson stole the Personally Identifiable Information (PII) and W-2 info (including names, Social Security numbers, addresses and salary information) of more than 65,000 employees and sold it on the dark web. READ MORE...


FBI warns of fake govt sites used to steal financial, personal data

The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. Sites used in these attacks are designed to closely resemble official government platforms to trick the targets into giving away their info, infecting them with malware, and claiming unemployment benefits on their behalf. READ MORE...

Software Updates

Oracle Releases October 2021 Critical Patch Update

Oracle has released its Critical Patch Update for October 2021 to address 419 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. READ MORE...

Exploits/Vulnerabilities

Penetration Testing in the Cloud Demands a Different Approach

Attackers use a different set of techniques to target the cloud, meaning defenders must think differently when pen testing cloud environments. Most companies are familiar with the pattern: As attackers adjust their techniques, defenders must rethink their security strategies. Now, as the attack surface expands and criminals target cloud environments, the pressure is on businesses to ensure their cloud infrastructure is secure. READ MORE...

On This Date

  • ...in 1818, The United States and Britain establish the 49th Parallel as the boundary between Canada and the United States.
  • ...in 1870, The Summer Palace in Beijing, China, is burnt to the ground by a Franco-British expeditionary force.
  • ...in 1944, U.S. troops land on Leyte in the Philippines, keeping General MacArthur's pledge "I shall return."
  • ...in 1968, Jacqueline Kennedy marries Aristotle Onassis.