Security News > 2021 > April

QNAP customers are once again urged to secure their Network Attached Storage devices to defend against Agelocker ransomware attacks targeting their data. In a security advisory published earlier today, the company says that its security team has discovered AgeLocker ransomware samples in the wild, with "The potential to affect QNAP NAS devices."

After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal. Earlier today, the Babuk ransomware gang said in a message titled "Hello World 2" on their leak site that they had achieved their goal and decided to shut down the operation.

Ransomware has reached crisis levels across business sectors and across the globe, but a public-private Ransomware Task Force aims to stem the tide of attacks by disrupting the crooks' business model. In all, it details what RTF considers to be "a full, comprehensive strategy to stem the ransomware tide - ranging from dealing with the complexities of the ransomware epidemic, to the role of cyber-insurance, cryptocurrency and safe havens for threat actors," according to Team Cymru, one of the cybersecurity firms signed onto the project.

The Wyoming Department of Health said on Wednesday it accidentally posted COVID test results of state residents onto their public-facing storage buckets. As far as the breath alcohol tests go, the employee accidentally posted the results of 18,312 people - mostly from Wyoming but also from other states - who breathed into a tube for law enforcement in Wyoming as far back as April 19, 2012 and on up until Jan. 27, 2021.

The Whistler municipality in British Columbia, Canada, has suffered a cyberattack at the hands of a new ransomware operation. The Resort Municipality of Whistler is a resort community with approximately 12,000 residents and over three million visitors annually.

F5 Networks this week released patches to address an authentication bypass vulnerability affecting BIG-IP Access Policy Manager, but fixes are not available for all impacted versions. Tracked as CVE-2021-23008, the high-severity vulnerability allows for the bypass of BIG-IP APM AD authentication if the attacker can hijack a Kerberos KDC connection using a spoofed AS-REP. Authentication bypass is also possible from an AD server that the attacker has already compromised, F5 explains.

Cloud solutions provider DigitalOcean has started informing some customers that their billing information may have been compromised after someone exploited a vulnerability in the company's systems. In an email sent to customers, DigitalOcean said the unauthorized access occurred between April 9 and April 22, 2021, but it was apparently only "Confirmed" on April 26.

Quick-response codes used by a COVID-19 contact-tracing program were hijacked by a man who simply slapped up scam QR codes on top to redirect users to an anti-vaccination website, according to local police. Fake QR codes were placed over genuine COVID safe check-ins and once scanned, it is understood it led people to a website with information against vaccinations.

The Institute for Security and Technology's Ransomware Task Force has released a comprehensive strategic framework to help worldwide organizations fight against ransomware and will be delivering it to the U.S. President's team. The 81-pages-long report includes an overview of the ransomware threat, its impact, how the cyber insurance and the rise of cryptocurrencies influenced its proliferation, the current situation in regard to threat actors that use the malware, and existing efforts to mitigate these attacks.

Threat detection and response solutions provider Vectra AI on Thursday announced that it has raised $130 million at a valuation of $1.2 billion, which makes the company the latest cybersecurity unicorn. The funding, which brings the total raised by the firm to $350 million, was led by Blackstone Growth, with participation from existing investors.