Author: DEFENDEDGE

  • FBI Releases Indicators of Compromise Associated with Hive Ransomware

    DEFENDEDGE

    Original release date: August 27, 2021 The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with ransomware attacks by Hive, a likely Ransomware-as-a-Service organization consisting of a number of actors using multiple mechanisms to compromise business networks, exfiltrate data and encrypt… Read more

  •  ICSJWG 2021 Fall Virtual Meeting

    DEFENDEDGE

    Original release date: August 27, 2021 The Industrial Control Systems Joint Working Group (ICSJWG) will hold the virtual 2021 ICSJWG Fall Meeting, September 21—22, 2021. ICSJWG meetings facilitate relationship building among critical infrastructure stakeholders and owners/operators of industrial control systems, idea exchange regarding critical issues affecting industrial control systems (ICS) cybersecurity, and information sharing to… Read more

  • New SideWalk Backdoor Targets U.S.-based Computer Retail Business

    DEFENDEDGE

    A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk. SideWalk is a modular backdoor that can dynamically load additional modules sent from its command-and-control server. It then makes use of Google Docs as a dead drop resolver, and Cloudflare workers as a command-and-control server. This malware… Read more

  • ‘Pay Ransom’ Screen? Too Late, Humpty Dumpty – Podcast

    DEFENDEDGE

    Splunk’s Ryan Kovar discusses the rise in supply-chain attacks a la Kaseya & how to get ahead of encryption leaving your business a pile of broken shells.  Read more

  • F5 Bug Could Lead to Complete System Takeover

    DEFENDEDGE

    The worst of 13 bugs fixed by the August updates could lead to complete system compromise for users in sensitive sectors running products in Appliance mode. Read more

  • Cisco Issues Critical Fixes for High-End Nexus Gear

    DEFENDEDGE

    Networking giant issues two critical patches and six high-severity patches. Read more

  • Microsoft Breaks Silence on Barrage of ProxyShell Attacks

    DEFENDEDGE

    versions of the software are affected by a spate of bugs under active exploitations. Read more

  • Win10 Admin Rights Tossed Off by Yet Another Plug-In

    DEFENDEDGE

    Then again, you don’t even need the actual device – in this case, a SteelSeries peripheral – since emulation works just fine to launch with full SYSTEM rights. Read more

  • F5 Releases August 2021 Security Advisory

    DEFENDEDGE

    Original release date: August 25, 2021 F5 has released a security advisory on vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ for August 2021. CISA encourages users and administrators to review the F5 security advisory and install updated software or apply the necessary mitigations as soon as possible. This product is provided subject to this… Read more

  • Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day

    DEFENDEDGE

    Cybersecurity watchdog CitizenLab saw the new zero-day FORCEDENTRY exploit successfully deployed against iOS versions 14.4 & 14.6, blowing past Apple’s new BlastDoor sandboxing feature to install spyware on the iPhones of Bahraini activists – even one living in London at the time. Read more