Cryptominer ELFs Using MSR to Boost Mining Process

The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver.  By UPTYCS THREAT RESEARCH  Original research by Siddarth Sharma The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR...

1h

Italian energy company ERG hit by LockBit 2.0 ransomware gang

ERG SPA, an Italian energy company, reports a minor impact on its operations after the recent ransomware attack conducted by LockBit 2.0 gang. Recently the Italian energy company ERG was hit by the LockBit 2.0 ransomware gang, now the company reported “only a few minor disruptions” for its ICT infrastructure. The company is active in the production...

5h

Cisco fixes critical, high severity vulnerabilities in VPN routers

Cisco fixed critical, high severity pre-auth security vulnerabilities impacting multiple Small Business VPN routers. Cisco addressed critical and high severity pre-auth security vulnerabilities that impact multiple Small Business VPN routers. An attacker could exploit the issues to trigger a denial of service condition or execute...

12h

Advanced Technology Ventures discloses ransomware attack and data breach

The American venture capital firm Advanced Technology Ventures (ATV) disclosed a ransomware attack, crooks also stole data of some private investors. Advanced Technology Ventures (ATV) is an American venture capital firm with more than $1.8 billion in capital under management. The venture capital firm this week disclosed a ransomware attack,...

20h

US CISA and NSA publish guidance to secure Kubernetes deployments

US CISA and NSA released new guidance that provides recommendations on how to harden Kubernetes deployments and minimize the risk of hack. US CISA and NSA released new guidance that provides recommendations to harden Kubernetes deployments. Kubernetes is an open-source container-orchestration system for automating computer application...

1d

China-linked APT31 targets Russia for the first time

China-linked APT31 group employed a new strain of malware in attacks aimed at entities in Mongolia, Belarus, Canada, the US, and Russia. Researchers from Positive Technologies reported that China-linked APT31 group has been using a new piece of malware in a recent wave of attacks targeting Mongolia, Belarus, Canada, the United States, and Russia....

1d

INFRA:HALT flaws impact OT devices from hundreds of vendors

INFRA:HALT is a set of vulnerabilities affecting a popular TCP/IP library commonly OT devices manufactured by more than 200 vendors. Security researchers from security teams at Forescout and JFrog have disclosed today 14 vulnerabilities that impact a popular TCP/IP library named NicheStack commonly used in industrial equipment and Operational...

1d

Cyber Defense Magazine – August 2021 has arrived. Enjoy it!

Cyber Defense Magazine August 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 148 pages of excellent content. Cyber Defense eMagazine August Edition for 2021Grab this PDF version and help fund our operations:https://cyberdefensemagazine.tradepub.com/free/w_cyba125/Here’s the Yumpu Magazine Versionhttps://www.yumpu.com/en/document/read/65794079/cyber-defense-emagazine-august-edition-for-2021Here’s...

1d

China-linked APT groups target telecom companies in Southeast Asia

China linked APT groups have targeted networks of at least five major telecommunications companies operating in Southeast Asia since 2017. Cybereason researchers identified three clusters of activity associated with China-linked threat actors that carried out a series of attacks against networks of at least five major telecommunications companies...

1d

Cisco fixed Remote Code Execution issue in Firepower Device Manager On-Box software

Cisco addressed a vulnerability in the Firepower Device Manager (FDM) On-Box software that allows attackers to execute arbitrary code on vulnerable devices. Cisco has addressed a vulnerability in the Firepower Device Manager (FDM) On-Box software, tracked as CVE-2021-1518, that could be exploited by an attacker to execute arbitrary code...

2d