AvosLocker, a prolific ransomware group that was the subject of a recent joint FBI and U.S. Treasury Department warning, claimed this week that it had hit a Dallas-based nonprofit Catholic health system with more than 600 facilities across four U.S. states, Mexico, Chile and Colombia. The attack makes CHRISTUS Health the second health care system AvosLocker has targeted in the last two months.
Italy's Computer Security Incident Response Team (CSIRT) has disclosed recent DDoS attacks against crucial government sites in the country over the past couple of days. DDoS (distributed denial of service) is an attack that aims to deplete a server's available resources, making it unable to respond to legitimate user requests and rendering the sites it hosts inaccessible. Pro-Russian hacktivists known as the Killnet group claimed responsibility for the attacks.
Hackers have started to exploit a recently patched critical vulnerability, tracked as CVE-2022-30525, that affects Zyxel firewall and VPN devices for businesses. Successful exploitation allows a remote attacker to inject arbitrary commands without authentication, which can enable setting up a reverse shell. The vulnerability was discovered by Jacob Baines, lead security researcher at Rapid7, who explains in a brief technical report how the flaw can be leveraged in attacks.
A recent security update for a Windows NTLM relay attack has been confirmed to address a previously unfixed vector for the PetitPotam attack. During the May 2022 Patch Tuesday, Microsoft released a security update for an actively exploited NTLM relay attack labeled as a 'Windows LSA Spoofing Vulnerability' and tracked as CVE-2022-26925. An NTLM relay attack allows threat actors to force devices, even domain controllers, to authenticate against malicious servers they control.
A soda can, a smartphone stand, or any shiny, lightweight desk decoration could pose a threat of eavesdropping, even in a soundproof room, if an attacker can see the object, according to a team of researchers from Ben-Gurion University of the Negev. At the Black Hat Asia security conference on Thursday, and aiming to expand on previous research into optical speech eavesdropping, the research team showed that audio conversations at the volume of a typical meeting or conference call could be captured from up to 35 meters.
Enterprise data lakes are filling up as organizations increasingly embrace artificial intelligence (AI) and machine learning, but unfortunately, these data lakes are vulnerable to exploitation via the Java Log4Shell vulnerability, researchers have found. Generally, organizations are focused on ingesting as many data points as they can for training an AI or algorithm, with an eye toward privacy, but all too often they're skipping over hardening the security of the data lakes themselves.
The US Cybersecurity and Infrastructure Security Agency (CISA) has temporarily removed a Windows flaw from its Known Exploited Vulnerabilities Catalog after it was informed by Microsoft that a recent update can cause problems on some types of systems. The vulnerability in question is CVE-2022-26925, which Microsoft describes as a Windows LSA spoofing vulnerability.