Cloudstar – IT provider for real estate, finance, insurance worlds – downed by ransomware
Cloud-based IT provider Cloudstar has been hit by ransomware, taking down its systems.
It offers remote virtual desktops, cloud-hosted software and storage, and IT security to businesses in the Americas working in real estate, finance, insurance, and petrochemicals.
Bug-hunter RyotaK, while investigating supply chain attacks, found a path-traversal bug that could be exploited by a carefully crafted JS/CSS library submitted to cdnjs via its GitHub repository for inclusion in the CDN. This library would be able to overwrite files and execute commands within the context of cdnjs's backend when the submission is processed, and could obtain Cloudflare's secret GitHub API keys.
An attacker potentially could have used that position to alter the JavaScript and CSS delivered to those websites using cdnjs.
Cryptographers at ETH Zurich and Royal Holloway college at the University of London have investigated Telegram's home-grown encrypted chat protocol, and claim an attacker could exploit it to, among other things, change the order of messages sent and potentially uncover plaintext of some communications in exceptional circumstances.
The recipients were asked to speak at a webinar on "The US security challenges in the Middle East," and the URL led to the compromised SOAS radio website of the University of London.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/07/19/in_brief_security/