Latest News Articles

News

− A deep dive into the operations of the LockBit ransomware group

Most victims are from the enterprise and are expected to pay an average ransom of $85,000.

https://www.prodaft.com/m/reports/LockBit_Case_Report___TLPWHITE.pdf

− EU Data Watchdogs Want Ban on AI Facial Recognition

The EU's data protection agencies on Monday called for an outright ban on using artificial intelligence to identify people in public places, pointing to the "extremely high" risks to privacy.

https://www.securityweek.com/eu-data-watchdogs-want-ban-ai-facial-recognition

− NIST Publishes Ransomware Guidance

Draft Cybersecurity Framework Profile for Ransomware Risk Management released

https://csrc.nist.gov/CSRC/media/Publications/nistir/draft/documents/NIST.IR.8374-preliminary-draft.pdf

Vulnerabilities

− Water Sector Security Report Released by WaterISAC

The Water Sector Coordinating Council (WSCC) - an advisory body comprising the national water and wastewater associations, the sector’s research foundation and WaterISAC - collaborated on a utility survey to develop a picture of current cybersecurity practices in the sector to better articulate the challenges and needs of the sector.

https://www.waterisac.org/system/files/articles/FINAL_2021_WaterSectorCoordinatingCouncil_Cybersecurity_State_of_the_Industry-17-JUN-2021.pdf

− VMware Tools, VMRC and VMware App Volumes update addresses a local privilege escalation vulnerability (CVE-2021-21999)

A high-severity vulnerability that VMware patched this week in VMware Tools for Windows could be exploited to execute arbitrary code with elevated privileges.

https://www.vmware.com/security/advisories/VMSA-2021-0012.html

− Security Incident Alert - USG/ZyWALL, USG FLEX, ATP, and VPN Firewall series

We recently became aware of a sophisticated threat actor targeting Zyxel security appliances with remote management or SSL VPN enabled.

https://support.zyxel.eu/hc/en-us/articles/4402786248466-Security-Incident-Alert-Firewall-Series

Community News

− Building Resilience and Prosperity with Cybersecurity

The Head of the UK NCSC, Lindy Cameron will discuss the role of cybersecurity in building resilience and prosperity both at a domestic and international level. Ms. Cameron will outline the changing dynamics occurring in cybersecurity, and analyse the challenges in terms of the threat, technology and digital environment. She will further assess the importance of investment, and a whole-of-society approach to lead in cybersecurity. The discussion following the keynote address will be facilitated by Richard Browne, Deputy Director of the National Security Analysis Centre (NSAC) at the Department of the Taoiseach.

https://www.iiea.com/events/building-resilience-and-prosperity-with-cybersecurity

--- TLP:WHITE ---