IT Security Newsletter - 7/14/2021
REvil ransomware gang sites go dark, for reasons that remain unclear
The ransomware gang behind a string of recent attacks that netted tens of millions of dollars may have been too successful for its own good. REvil, the Russian-speaking hacking crew that claimed responsibility for a hack at the IT firm Kaseya that yielded perhaps thousands of victims, largely went dark Tuesday morning, according to multiple security researchers. The dark web site where REvil typically posts victim data and a payment site suddenly went down.
Krebs on Security: Microsoft Patch Tuesday, July 2021 Edition
Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. At least four of the vulnerabilities addressed today are under active attack, according to Microsoft. Thirteen of the security bugs quashed in this month's release earned Microsoft's most-dire "critical" rating, meaning they can be exploited by malware or miscreants to seize remote control over a vulnerable system without any help from users.
Microsoft names Chinese group as source of new attack on SolarWinds
Microsoft has attributed a new attack on SolarWinds to a group operating in China. The software giant on Tuesday posted details of the attack, which SolarWinds on Monday patched and revealed as a Return Oriented Programming attack that targets its Serv-U managed file transfer product and allows an attacker to run arbitrary code with privileges, install programs and alter data on cracked targets.
Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader
Eleven critical bugs in Adobe's popular and free PDF reader, Acrobat, open both Windows and macOS users to attacks ranging from an adversary arbitrarily executing commands on a targeted system to data leakage tied to system-read and memory flaws. In a Tuesday security bulletin, which included patches for all flaws, the company reported that Windows and macOS versions of Acrobat were equally vulnerable. Adobe added, however, that it was not aware of any abuse of the bugs in the wild.
Updated Joker Malware Floods into Android Apps
The Joker mobile trojan is back on Google Play, with an uptick in malicious Android applications that hide the billing-fraud malware, researchers said. It's also using new approaches to skirt past Google's app-vetting process. Joker has been around since 2017, disguising itself within common, legitimate apps like camera apps, games, messengers, photo editors, translators and wallpapers.
Rebuilding your security culture as employees return to the office
The return to work allows security teams to refocus on areas of their insider risk management program that may have been swept under the rug while working remotely. As employees reunite for the first time in a long time, it's a good opportunity for companies to rebuild a stronger office security culture between employees and security teams - one that comes from a place of positive intent.
CISA Issues Emergency Directive to Address 'PrintNightmare' Vulnerability
The United States Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday issued Emergency Directive 21-04, which requires all federal agencies to apply the available patches for the recently disclosed Microsoft Print Spooler service vulnerability within one week. The agency warns that the vulnerability has been actively exploited by multiple threat actors. Microsoft's advisory also says the flaw has been exploited, but no information is available on the attacks.
- ...in 1789, French revolutionaries storm and dismantle the Bastille as a prelude to the French Revolution.
- ...in 1912, American singer-songwriter Woody Guthrie ("This Land Is Your Land") is born in Okemah, OK.
- ...in 1913, 38th President of the United States Gerald Ford is born in Omaha, NE.
- ...in 1992, 386BSD (a free Unix-like operating system) is released, beginning the wave of open-source OSes that also brought Linux and its variants.