Latest News Articles



--- TLP:WHITE ---

News

− The Vulnerable Maritime Supply Chain - a Threat to the Global Economy

Successful cyberattacks against the maritime supply chain would have the potential to damage individual companies, national finances and even the global economy.

https://www.securityweek.com/vulnerable-maritime-supply-chain-threat-global-economy

− Lazarus hackers target VMware servers with Log4Shell exploits/h3>

The North Korean hacking group known as Lazarus is exploiting the Log4J remote code execution vulnerability to inject backdoors that fetch information-stealing payloads on VMware Horizon servers.

https://www.bleepingcomputer.com/news/security/lazarus-hackers-target-vmware-servers-with-log4shell-exploits/

− Conti ransomware shuts down operation, rebrands into smaller units

The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more.

https://www.bleepingcomputer.com/news/security/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units/

Vulnerabilities

− National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques

Cybersecurity agencies in the United States, the United Kingdom, Canada, the Netherlands, and New Zealand warn that threat actors exploit poor security practices for initial access to victim environments.

https://www.cisa.gov/uscert/sites/default/files/publications/AA22-137A-Weak_Security_Controls_and_Practices_Routinely_Exploited_for_Initial_Access.pdf

− CISA shares guidance to block ongoing F5 BIG-IP attacks

In a joint advisory issued today, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned admins of active attacks targeting a critical F5 BIG-IP network security vulnerability (CVE-2022-1388).

https://www.cisa.gov/uscert/ncas/alerts/aa22-138a

− Ransomware gangs rely more on weaponizing vulnerabilities

Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks.

https://www.group-ib.com/resources/threat-research/ransomware-2022.html

Remote Code Execution Vulnerability in iControl REST Component F5 BIG-IP (

A critical vulnerability, CVE-2022-1388, allowing remote code execution has been identified in the iControl REST component of F5 BIG-IP products.

https://www.ncsc.gov.ie/pdfs/BIG_IP_RCE_130522.pdf

--- TLP:WHITE ---