Security News

Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies any misinterpretation caused by automated translation. Apart from providing information about the gang's attack methods and the thoroughness of the instructions, which allow for less-skilled actors to become Conti ransomware affiliates and hit valuable targets.

Autodesk, makers of computer-aided design software for manufacturing, has told the US stock market it was targeted as part of the the supply chain attack on SolarWinds' Orion software. In a filing with the American Stock Exchange Commission, Autodesk said it had identified a compromised server in the wake of public reporting of the SolarWinds breach.

More details about a now-patched vulnerability in Comcast's XR11 voice remotes have emerged, which would have made it easy for a threat actor to intercept radio frequency communications between the remote and the set-top box, effectively turning the remote into a surveillance device. The XR11 remotes are some of the most common around, with more than 18 million scattered across homes in the U.S. A man-in-the-middle attack conducted by researchers at Guardicore, dubbed "WarezTheRemote," allowed the team to listen in on conversations from up to 65 feet away.

Two UK VoIP operators have had their services disrupted over the last couple of days by ongoing, aggressive DDoS attacks. South Coast-based Voip Unlimited has confirmed it has been slapped with a "Colossal ransom demand" after being hit by a sustained and large-scale DDoS attack it believes originated from the Russian cybercriminal gang REvil.

It is vital to ensure passwords are not found in a breached password database as breached password lists are used to crack passwords extracted using the AS-REP Roasting attack. Enforcing effective password policies and using a breached password protection solution for Active Directory is essential to ensure your environment is not vulnerable to Kerberos attacks such as AS-REP Roasting.

The operators of the Mozi IoT botnet have been taken into custody by Chinese law enforcement authorities, nearly two years after the malware emerged on the threat landscape in September 2019. "Mozi uses a P2P network structure, and one of the 'advantages' of a P2P network is that it is robust, so even if some of the nodes go down, the whole network will carry on, and the remaining nodes will still infect other vulnerable devices, that is why we can still see Mozi spreading," said Netlab, which spotted the botnet for the first time in late 2019.

Though lots of people might be taking some time off over the Labor Day weekend, threat actors likely won't - which means organizations should remain particularly vigilante about the potential for ransomware attacks, the federal government has warned. The now-infamous Colonial Pipeline attack by now-defunct ransomware group DarkSide that crippled the oil pipeline on the East Coast for some weeks after occurred in the lead-up to Mother's Day weekend, agencies observed.

The FBI and CISA urged organizations not to let down their defenses against ransomware attacks during weekends or holidays in a joint cybersecurity advisory issued earlier today.While the FBI and CISA do not have any info regarding potential attacks within upcoming holidays and weekends, they gave as examples the attacks on the networks of Colonial Pipeline, JBS, and Kaseya.

Companies should now consider cybercriminals as business competitors, according to Lacework's 2021 Cloud Threat Report Volume 2. The Lacework Lab analyzed telemetry from its customers and other data to identify rising and increasing security threats to cloud deployments.

Bangkok Airways has revealed it was the victim of a cyberattack from ransomware group LockBit on August 23rd, resulting in the publishing of stolen data. Bangkok Airways' announcement about the matter came last Thursday, a day after LockBit posted a message on its dark web portal threatening the airline to pay a ransom or suffer a data leak.