Security News
Based in the UK, Lloyd's is a marketplace of insurance buyers and sellers, rather than a company, and has 77 cyber risk insurers under its wing for which it sets the rules. Lloyd's chief of markets Patrick Tiernan was speaking to the Financial Times after a backlash against an August memo [PDF], penned by Lloyd's underwriting director Tony Chaudhry last month, saying the market will require all of its insurance groups to exclude any liability for losses resulting from state-backed cyberattacks from their insurance policies from March 31 2023.
Cybersecurity researchers have offered insight into a previously undocumented software control panel used by a financially motivated threat group known as TA505. The control panel, called TeslaGun, is said to be used by the adversary to manage the ServHelper implant, working as a command-and-control framework to commandeer the compromised machines.
QNAP has issued a new advisory urging users of its network-attached storage devices to upgrade to the latest version of Photo Station following yet another wave of DeadBolt ransomware attacks in the wild by exploiting a zero-day flaw in the software. The Taiwanese company said it detected the attacks on September 3 and that "The campaign appears to target QNAP NAS devices running Photo Station with internet exposure."
A transnational sextortion ring was uncovered and dismantled following a joint investigation between Interpol's cybercrime division and police in Singapore and Hong Kong. Sextortion is a type of digital extortion where the criminals coerce or trick their targets into sharing explicit videos or images that will later be used for blackmail.
QNAP is warning customers of ongoing DeadBolt ransomware attacks that started on Saturday by exploiting a zero-day vulnerability in Photo Station. "QNAP® Systems, Inc. today detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet," explains the security notice.
QNAP is warning customers of ongoing DeadBolt ransomware attacks that started on Saturday by exploiting a zero-day vulnerability in Photo Station. "QNAP® Systems, Inc. today detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet," explains the security notice.
Trend Micro predicted that ransomware groups will increasingly target Linux servers and embedded systems over the coming years. Jon Clay, VP of threat intelligence for Trend Micro, said: "New and emerging threat groups continue to evolve their business model, focusing their attacks with even greater precision. That's why it's essential that organizations get better at mapping, understanding, and protecting their expanding digital attack surface. A single, unified cybersecurity platform is the best place to start."
Google has released Chrome 105.0.5195.102 for Windows, Mac, and Linux users to address a single high-severity security flaw, the sixth Chrome zero-day exploited in attacks patched this year. This new version is rolling out in the Stable Desktop channel, with Google saying that it will reach the entire user base within a matter of days or weeks.
The BlackCat/ALPHV ransomware gang claimed responsibility for an attack that hit the systems of Italy's energy agency Gestore dei Servizi Energetici SpA over the weekend. A GSE spokesperson disclosed that its website and systems were taken down to block the attackers from gaining access to the data after detecting the attack on Sunday night-GSE's website is still down, almost a week after the incident.
More details have emerged about the operators behind the first-known phishing campaign specifically aimed at the Python Package Index, the official third-party software repository for the programming language. The attacks received a significant facelift last month when the JuiceLedger actors targeted PyPi package contributors in a phishing campaign, resulting in the compromise of three packages with malware.