News
Hi everyone!
This weekend was another full-time dad weekend, so I'm doing a minimal edition again where I curate a little less and use the auto-generated descriptions. Sorry about that, but as always, family first :-)
Enjoy!
Dieter
Breaches and leaks
- Food giant JBS Foods shuts down production after cyberattack: link.
- FUJIFILM shuts down network after suspected ransomware attack: link.
- Backup appliance firm ExaGrid pays out $2.6 million ransom to attackers: link.
- Massachusetts' largest ferry service hit by ransomware attack: link.
- Scripps Health notifies patients of data breach after ransomware attack: link.
- UF Health Florida hospitals back to pen and paper after cyberattack: link.
- NSW Health confirms data breached due to Accellion vulnerability: link.
- ‘Battle for the Galaxy’ mobile game leaks 6M gamer profiles: link.
FBI, DOJ to treat ransomware attacks with similar priority as terrorism
FBI director Chris Wray told The Wall Street Journal that the recent wave of ransomware attacks was similar to what the country faced after 9/11.
Norton 360 antivirus now lets you mine Ethereum cryptocurrency
NortonLifelock has added the ability to mine Ethereum cryptocurrency directly within its Norton 360 antivirus program as a way to "protect" users from malicious mining software.
Google, Microsoft, and Mozilla work together on better browser extensions
Google, Microsoft, Apple, and Mozilla have launched the WebExtensions Community Group (WECG) to collaborate on standardizing browser extensions to enhance both security and performance.
Linux commands and utilities commonly used by attackers
Uptycs' threat research team has observed several instances of Linux malware where the attackers leverage the inbuilt commands and utilities for a wide range of malicious activities. This post takes a close look at those and how you can use Uptycs to detect them. (Sponsored)
WordPress force installs Jetpack security update on 5 million sites
Automattic, the company behind the WordPress content management system, force deploys a security update on over five million websites running the Jetpack WordPress plug-in.
Microsoft wants to unite APAC governments with cybersecurity council
US software vendor pulls together 15 policy makers from seven Asia-Pacific markets, including Indonesia, Singapore, and South Korea, to form a cybersecurity executive council that it hopes will exchange threat intelligence and resources in a "timely and open manner".
Chrome 91 will warn users when installing untrusted extensions
Developers who are new to the Chrome Web Store can also expect to wait several months before being considered 'trusted' within the Chrome browser.
XSS vulnerability found in popular Froala WYSIWYG website editor
The security flaw was found in how HTML sanitizing is performed.
GitHub's new policies allow removal of PoC exploits used in attacks
GitHub announced on Friday their updated community guidelines that explain how the company will deal with exploits and malware samples hosted on their service.
Russian underground forums launch competitions for cryptocurrency, NFT hacks
Prizes are on offer for everything from stealing wallet funds to compromising NFTs.
Cyber-insurance fuels ransomware payment surge
Companies relying on their cyber-insurance policies to pay off ransomware criminals are being blamed for a recent uptick in ransomware attacks.
Kali Linux 2021.2 released with new tools, improvements, and themes
Kali Linux 2021.2 was released today by Offensive Security and includes new themes and features, such as access to privileged ports, new tools, and a console-based configuration utility.
Big changes to 1Password in the browser
1Password just released a big update, providing biometric unlock, dark mode, and a new save experience. Worth checking out! (Sponsored)