Posts

Cybersecurity Updates For Week 11 of 2022

High-Severity DoS Vulnerability Patched in OpenSSL

OpenSSL updates announced on Tuesday patch a high-severity denial-of-service (DoS) vulnerability related to certificate parsing.

Read more:
https://www.securityweek.com/high-severity-dos-vulnerability-patched-openssl

CISOs face ‘perfect storm’ of ransomware and state-supported cybercrime

With not just ransomware gangs raiding network after network, but nation states consciously turning a blind eye to it, today’s chief information security officers are caught in a “perfect storm.

Read more:
https://www.theregister.com/2022/03/18/ciso_security_storm/

Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure

The Russian invasion of Ukraine has coincided with the jamming of airplane navigation systems and hacks on the SATCOM networks that empower critical infrastructure.

Read More:
https://threatpost.com/agencies-satellite-hacks-gps-jamming-airplanes-critical-infrastructure/178993/

Other news worth mentioning:

Random number generator enhancements for Linux 5.17 and 5.18
Blockchain blocks identity theft
Leaked Ransomware Docs Show Conti Helping Putin From the Shadows
Meta fined €17 million by Irish regulator for GDPR violations

Cybersecurity Updates For Week 9 of 2022

DORA’s Global Reach and Why Enterprises Need to Prepare

A new cybersecurity regulation is coming to the European financial services sector, and its authority will be felt worldwide.

Read more:
https://www.darkreading.com/risk/dora-s-global-reach-and-why-enterprises-need-to-prepare

Shadowserver Special Reports – Cyclops Blink

On 2022-03-03 we sent out a second special report with an additional 673 IPs likely infected with Cyclops Blink, observed on 2022-02-24.

Read more:
https://www.shadowserver.org/news/shadowserver-special-reports-cyclops-blink/

Free HermeticRansom Ransomware Decryptor Released

A free decryptor is out to unlock a ransomware found piggybacking on the HermeticWiper data wiper malware that ESET and Broadcom’s Symantec discovered targeting machines at financial, defense, aviation and IT services outfits in Ukraine, Lithuania and Latvia last week.

Read More:
https://threatpost.com/free-hermeticransom-ransomware-decryptor-released/178762/

Other news worth mentioning:

Conti Ransomware Group Diaries, Part I: Evasion
Conti Ransomware Group Diaries, Part II: The Office
Conti Ransomware Group Diaries, Part III: Weaponry
Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks