Security News

The AvosLocker ransomware has targeted multiple victims across the country, according to the joint advisory [PDF] issued late last week by the FBI, Treasury Department and Financial Crimes Enforcement Network. Palo Alto Networks' Unit 42 researchers in July 2021 wrote about an advertisement they saw on Dread, which they described as a "Reddit-like dark web discussion forum," for a new RaaS called AvosLocker, outlining features of the ransomware and letting affiliates who leverage the malware know that AvosLocker operators would handle the negotiation and extortion practices.

The Federal Bureau of Investigation warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors. "AvosLocker is a Ransomware as a Service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors," the FBI said [PDF].

In a warning to aviation authorities and air operators on Thursday, the European Union Aviation Safety Agency warned of satellite jamming and spoofing attacks across a broad swath of Eastern Europe that could affect air navigation systems. The warning came in tandem with a separate alert from the FBI and the U.S. Cybersecurity Infrastructure and Security Agency that hackers could be targeting satellite communications networks in general.

CISA and the FBI said today they're aware of "Possible threats" to satellite communication networks in the US and worldwide. Today's security advisory also warned US critical infrastructure organizations of risks to SATCOM providers' customers following network breaches.

Veeam Software has patched two critical vulnerabilities affecting its popular Veeam Backup & Replication solution, which could be exploited by unauthenticated attackers to remotely execute malicious code.Veeam Backup & Replication is an enteprise data protection solution that allows admins to create image-level backups of virtual, physical, cloud machines and restore from them.

Companies critical to U.S. national interests will now have to report when they're hacked or they pay ransomware, according to new rules approved by Congress. The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President Joe Biden soon.

In this interview with Help Net Security, Michael Johnson, Board of Directors at Safe Security, talks about the importance of critical infrastructure security, why attacks on critical infrastructure are particularly worrying, and what can be done to thwart these threats. Our way of life could be impacted by a capable attack on critical infrastructure.

Singapore's Cyber Security Group, an agency charged with securing the nation's cyberspace, has uncovered four critical flaws in code from network software company Riverbed. The vulnerable application is SteelCentral AppInternals, formerly referred to as AppInternals Xpert, provided by Riverbed's Aternity division.

The report reveals that organizations are still taking nearly two months to remediate critical risk vulnerabilities, with the average mean time to remediate across the full stack set at 60 days. High rates of "Known" vulnerabilities which have working exploits in the wild, used by known nation state and cybercriminal groups are not uncommon.

It's worth pointing out that Microsoft separately addressed 21 flaws in the Chromium-based Microsoft Edge browser earlier this month. All the three critical vulnerabilities remediated this month are remote code execution flaws impacting HEVC Video Extensions, Microsoft Exchange Server, and VP9 Video Extensions.