The federal agency that provides low-income housing in Indianapolis is facing a ransomware attack that's delayed its ability to send out rent payments to landlords, a top agency official says. All employees of the Indianapolis Housing Agency lost access to their email during the attack, which began weeks ago. That includes its executive director, Marcia Lewis, who lost access to her email for days but regained access to it Tuesday, The Indianapolis Star reported, citing an email she sent the newspaper.
Hacking group Cranefly is using a new technique that relies on Internet Information Services (IIS) commands to deliver backdoors to targets and carry out intelligence-gathering campaigns. Researchers at Symantec have observed a previously undocumented dropper Trojan called Geppei being used to install backdoors (including Danfuan and Regeorg) and other custom tools on SAN arrays, load balancers, and wireless access point (WAP) controllers that may lack appropriate security tools.
Exploit code was released this week for a just-patched vulnerability in VMware Cloud Foundation and NSX Manager appliances that allows hackers with no authentication to execute malicious code with the highest system privileges. VMware patched the vulnerability, tracked as CVE-2021-39144, on Tuesday and issued it a severity rating of 9.8 out of a possible 10. The vulnerability posed so much risk that VMware took the unusual step of patching versions that were no longer supported.
A free unofficial patch has been released for an actively exploited zero-day that allows files signed with malformed signatures to bypass Mark-of-the-Web security warnings in Windows 10 and Windows 11. Last weekend, BleepingComputer reported that threat actors were using stand-alone JavaScript files to install the Magniber ransomware on victims' devices. When a user downloads a file from the Internet, Microsoft adds a Mark-of-the-Web flag to the file, causing the operating system to display security warnings.
Google has announced an update for Chrome that fixes an in-the-wild exploit. Chrome Stable channel has been updated to 107.0.5304.87 for Mac and Linux, and 107.0.5304.87/.88 for Windows. The vulnerability at hand is described as a type confusion issue in the V8 JavaScript engine. If you're a Chrome user on Windows, Mac, or Linux, you should update as soon as possible. Most of the time, the easiest way to update Chrome is to do nothing: it should update itself automatically.
Apple has patched an iOS and iPadOS vulnerability that's already been exploited. Crediting an anonymous security researcher with reporting the issue, Apple said the problem is an out-of-bounds write issue, which involves adding data past the end or before the beginning of a buffer. The impacts can be data corruption, a crash or the chance to execute arbitrary code with kernel privileges.
Raspberry Robin, a worm that spreads through Windows systems via USB drives, has rapidly evolved: backdoor access to infected machines is now being sold or offered so that ransomware, among other code, can be installed by cybercriminals. In a report on Thursday, Microsoft's Security Threat Intelligence unit said Raspberry Robin is now "part of a complex and interconnected malware ecosystem" with links to other families of malicious code and ties to ransomware infections.