Latest News Articles



--- TLP:WHITE ---

News

− Kansas Man Admits Hacking Public Water Facility

A Kansas man admitted in court to tampering with the systems at the Post Rock Rural Water District two months after leaving his job there, using his old credentials and a remote login.

https://www.justice.gov/usao-ks/pr/kansas-man-pleads-guilty-water-facility-tampering

− Conti Ransom Gang Starts Selling Access to Victims

The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti's malware who refuse to negotiate a ransom payment are added to Conti's victim shaming blog, where confidential files stolen from victims may be published or sold. But sometime over the past 48 hours, the cybercriminal syndicate updated its victim shaming blog to indicate that it is now selling access to many of the organizations it has hacked.

https://krebsonsecurity.com/2021/10/conti-ransom-gang-starts-selling-access-to-victims/

− Money launderers for Russian hacking groups arrested in Ukraine

The Ukrainian cybercrime police force has arrested members of a group of money launderers and hackers at the request of U.S. intelligence services.

https://www.bleepingcomputer.com/news/security/money-launderers-for-russian-hacking-groups-arrested-in-ukraine/

− Police arrest criminals behind Norsk Hydro ransomware attack

Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries.

https://www.europol.europa.eu/newsroom/news/12-targeted-for-involvement-in-ransomware-attacks-against-critical-infrastructure

− Australian Government publishes their Ransomware action plan

This Ransomware Action Plan sets out the Government’s immediate strategic approach to tackle the threat posed by ransomware, and builds on the overarching cyber security architecture instigated in the 2016 and 2020 Cyber Security Strategies, and is designed around the framework of the National Strategy to Fight Transnational, Serious and Organised Crime.

https://www.homeaffairs.gov.au/cyber-security-subsite/files/ransomware-action-plan.pdf

Vulnerabilities

− NCSC Alert: FluBot - New Android Text Message Scam Targeting Irish Users

The NCSC is aware of the spyware known as FluBot affecting Android users in Ireland. The NCSC previously released an Alert regarding FluBot in June 2021; analysis of previous waves of this campaign suggests that Irish users may be targeted in the near future.

https://www.ncsc.gov.ie/pdfs/Flubot_281021.pdf

− Microsoft: Russian SVR hacked at least 14 IT supply chain firms since May

Microsoft says the Russian-backed Nobelium threat group behind last year's SolarWinds hack is still targeting the global IT supply chain, with 140 resellers and technology service providers attacked and at least 14 breached since May 2021.

https://blogs.microsoft.com/on-the-issues/2021/10/24/new-activity-from-russian-actor-nobelium/

− The Role of Service Providers in Transforming Security

With various types of attacks utilising managed service providers to gain access to multiple targets, it's important to ask how those service providers can help improve security for enterprise environments. Although taking measures in this area requires a lot of effort, the recent increase in attack severity and breadth suggests that such efforts are timely and worthwhile.

https://labs.ripe.net/author/kathleen_moriarty/the-role-of-service-providers-in-transforming-security/

− Emergency Google Chrome update fixes zero-days used in attacks

Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited.

https://www.bleepingcomputer.com/news/google/emergency-google-chrome-update-fixes-zero-days-used-in-attacks/

Community News

− US State Department Sets Up Cyber Bureau, Envoy Amid Hacking Alarm

US Secretary of State Antony Blinken announced Monday that the State Department will establish a new bureau and envoy to handle cyber policy, revamping amid alarm over rising hacking attacks. In a memo to staff, Blinken said that a review showed a need for structural changes on how the State Department should adapt to 21st-century challenges.

https://thehill.com/policy/cybersecurity/578728-blinken-formally-announces-new-state-dept-cyber-bureau-as-part-of

− Online harms don’t need dangerous legislation, they need a spot of naval action

Adapt legislation that solved pirate radio to modern advertising spending that enables harm.

https://www.theregister.com/2021/10/25/online_harms_dont_need_dangerous/

--- TLP:WHITE ---