Latest News Articles



--- TLP:WHITE ---

News

− REvil ransomware is back in full attack mode and leaking data

The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site.

https://www.bleepingcomputer.com/news/security/revil-ransomware-is-back-in-full-attack-mode-and-leaking-data/

− Thousands of Fortinet VPN Account Credentials Leaked

According to a statement released by Fortinet, credentials stolen from 87,000 unpatched SSL-VPNs have been posted to an online forum by former Babuk gang members for free. On Wednesday, BleepingComputer reported that it had been a miscommunication with a threat actor who leaked nearly half a million Fortinet VPN credentials.

https://www.fortinet.com/blog/psirt-blogs/malicious-actor-discloses-fortigate-ssl-vpn-credentials

− REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out

Bitdefender collaborated with law enforcement to create a key that decrypts data encrypted in ransomware attacks carried out before the REvil ransomware gang disappeared from the internet on July 13. The universal decryption key will be free for victims of REvil ransomware attacks.

https://www.bitdefender.com/blog/labs/bitdefender-offers-free-universal-decryptor-for-revil-sodinokibi-ransomware/

− OWASP updates top 10 vulnerability ranking for first time since 2017

https://owasp.org/Top10/

Vulnerabilities

− Apple patches two in-the-wild vulnerabilities for macOS, iOS, iPadOS and watchOS

Apple has released a series of security updates to patch two critical vulnerabilities that the company says were “actively exploited” in the wild.

https://www.intego.com/mac-security-blog/apple-patches-two-in-the-wild-vulnerabilities-for-macos-ios-ipados-watchos/

− NCSC Alert: Microsoft MSHTML Remote Code Execution Vulnerability (CVE-2021-40444) - UPDATE

A vulnerability exists in MSHTML, which is part of all versions of Microsoft Windows. The vulnerability (CVE-2021-40444) may allow attackers to craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. Microsoft has released security updates to address this vulnerability.

https://www.ncsc.gov.ie/pdfs/MSHTML_081421_UPDATE.pdf

− Links Found Between MSHTML Zero-Day Attacks and Ransomware Operations

Microsoft and threat intelligence company RiskIQ reported finding links between the exploitation of a recently patched Windows zero-day vulnerability and known ransomware operators.

https://www.riskiq.com/blog/external-threat-management/wizard-spider-windows-0day-exploit/

− NCSC alert: Apple iMessage vulnerability being exploited 2021-09-14

The NCSC has been made aware that attackers are exploiting a vulnerability known as “ForcedEntry” that affects iOS, macOS, and watchOS. It allows a remote attacker to gain access to a device without any user interaction. The vulnerability has been exploited since at least February 2021. Apple has released an update to resolve this vulnerability.

https://www.ncsc.gov.ie/pdfs/Apple_Vulnerability.pdf

Community News

− CyberSafeKids: Research Report 2021

Despite the challenges of 2021 and the global pandemic, CyberSafeKids have produced a detailed overview of the data they collected from children in the academic year 2020-21 in their annual report. The report highlights their observations on trends, risks and opportunities, as well as recommendations for a safer and smarter online world for children and young people.

https://www.cybersafekids.ie/research

--- TLP:WHITE ---