attack Archives - Cyber Security Minute

Fast Company hacked to send obscene and racist messages

Issued by: Malwarebytes

Yesterday, Apple News announced it had disabled the channel of Fast Company, a US-based business magazine, after surprised Twitter users reported it was tweeting offensive comments. Fast Company was hacked on Sunday, September 25. The attacker responsible modified article titles to obscene and racist things: “Hacked by Vinny Troia. [redacted] tongue my [redacted]”, one title…

Malware & Threats

Tens of thousands unpatched GitLab servers under attack via CVE-2021-22205

Issued by: Help Net Security

Attackers are actively exploiting an “old” vulnerability (CVE-2021-22205) to take over on-premise GitLab servers, Rapid7 researcher Jacob Baines warns. The additional bad news is that at least half of the 60,000 internet-facing GitLab installations the company detects are not patched against this issue. What are the attackers doing with these servers? Damian Menscher, a security…

Malware & Threats

You’ve Just Been Ransomed … Now What?

Issued by: Dark Reading

Seemingly every day, a new organization announces they’ve been hit by a ransomware attack. The agnostic nature of ransomware leaves no industry immune to vulnerabilities. Be it school systems, healthcare providers, or government agencies, the battlegrounds are increasingly widespread. Companies should operate not on a basis of if they’ll be hit, but when. Executives and…

Malware & Threats

Amnesty Links Indian Cybersecurity Firm to Spyware Attack on African Activist

Issued by: Security Week

In late 2019 and early 2020, ahead of the presidential elections in Togo, the Donot Team hacking group attempted to spy on a prominent Togolese human rights defender, but only managed to raise the victim’s suspicion. Active since at least 2012 and also tracked as APT-C-35, and SectorE02, Donot Team is mainly known for its…

Vulnerabilities

Mandiant Snaps Up Attack Surface Management Startup Intrigue

Issued by: Security Week

According to FireEye, Intrigue’s technology will be integrated into the Mandiant Advantage platform, and help customers discover, monitor, and manage risk across their attack surface. “By coupling intelligence on the vulnerabilities that are being exploited by adversaries with visibility across the entire attack surface, Mandiant Advantage with Intrigue’s capabilities advances the ability of today’s overworked…

Vulnerabilities

Microsoft Patch Tuesday: Windows Flaw Under Active Attack

Issued by: Security Week

The zero-day flaw, documented as CVE-2021-36948, is rated “important” with a CVSS base score of 7.8. Microsoft described the vulnerability as a local privilege escalation bug, a suggestion that it is part of a larger software exploit chain. The Windows Update Medic Service is used to repair Windows Update components from damage so that Windows…

Malware & Threats

Ransomware Attack on UK Rail System – Spray and Pray or Targeted?

Issued by: Security Week

Railways in the UK are operated under a licensed franchise system following the breakup of the state-owned British Rail, which was privatized gradually from 1994 to 1997. The rail infrastructure is owned and managed by Network Rail, described as an ‘arm’s length’ public body of the Department of Transport – but the rail services are…

Vulnerabilities

ICS Patch Tuesday: Siemens and Schneider Electric Address 100 Vulnerabilities

Issued by: Security Week

The 18 new advisories prepared by Siemens for the July 2021 Patch Tuesday cover nearly 80 vulnerabilities impacting the company’s products. Some of the vulnerabilities have already been patched by Siemens, while others are in the process of being fixed. Workarounds and/or mitigations are also available. An advisory for JT2Go and Teamcenter Visualization covers the…

Malware & Threats

Vermont Hospital Still Calculating Cost of Ransomware Attack

Issued by: Security Week

Scheduling and patient medical records were affected and some cancer patients faced delays in treatment. It took months for the University of Vermont Health Network to recover from the attack, estimated to cost upwards of $63 million. The network is insured for $30 million and officials are continuing to negotiate with the insurance companies, but…

Vulnerabilities

Newly Disclosed Vulnerability Allows Remote Hacking of Siemens PLCs

Issued by: Security Week

The vulnerability is tracked as CVE-2020-15782 and it has been described as a high-severity memory protection bypass issue that allows an attacker with network access to TCP port 102 to write or read data in protected memory areas. Siemens PLCs can be hacked remotely via new vulnerabilitySiemens says the security hole impacts its SIMATIC S7-1200…