Latest News Articles


--- TLP:WHITE ---

News

− FBI warns of escalating Pysa ransomware attacks on education organisations

The Federal Bureau of Investigation (FBI) Cyber Division has warned system administrators and cybersecurity professionals of increased Pysa ransomware activity targeting educational institutions.

https://www.ic3.gov/Media/News/2021/210316.pdf

− Polish State Websites Hacked and Used to Spread False Info

Two Polish government websites were hacked Wednesday and used briefly to spread false information about a non-existent radioactive threat, in what a Polish government official said had the hallmarks of a Russian cyberattack.

https://www.securityweek.com/polish-state-websites-hacked-and-used-spread-false-info

− REvil Group Claims Slew of Ransomware Attacks

The REvil ransomware threat group has claimed responsibility for a recent campaign in which nine organizations were impacted. The threat group has allegedly infected nine different organizations located across Africa, Europe, Mexico, and the US. The REvil group uses the Sodinokibi ransomware to compromise networks and devices.

https://threatpost.com/revil-claims-ransomware-attacks/164739/

− Chinese nation state hackers linked to Finnish Parliament hack

Chinese nation-state hackers have been linked to an attack on the Parliament of Finland that took place last year and led to the compromise of some parliament email accounts.

https://www.bleepingcomputer.com/news/security/chinese-nation-state-hackers-linked-to-finnish-parliament-hack/

Vulnerabilities

− Exchange Exploit Attempts Surge Sixfold as Ransomware Lands

Check Point warns of major increase in attack activity.

https://blog.checkpoint.com/2021/03/11/exploits-on-organizations-worldwide/

− Can We Stop Pretending SMS Is Secure Now?

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we're learning about an entire ecosystem of companies that anyone could use to silently intercept text messages intended for other mobile users.

https://krebsonsecurity.com/2021/03/can-we-stop-pretending-sms-is-secure-now/

Community News

− CISA releases new SolarWinds malicious activity detection tool

The Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to detect post-compromise malicious activity associated with the SolarWinds hackers in on-premises enterprise environments.

https://us-cert.cisa.gov/ncas/alerts/aa21-077a

--- TLP:WHITE ---