RSS_Virtulization

The US government is urging SAP owners to urgently patch and fix their application environments after a new report warned of mass exploitation. The Cybersecurity and Infrastructure Security Agency (CISA) urged SAP businesses to prioritize reviewing the Onapsis report. It said affected customers could be exposed to data theft, financial fraud, ransomware and disruption of mission critical operations and processes. Onapsis claimed to have discovered over 300 successful exploitation attempts in the course of its…

Cyber criminals have many tricks up their sleeves when it comes to compromising sensitive data. They don’t always rely on system vulnerabilities and sophisticated hacks. They’re just as likely to target the an organisation’s employees. The attack methods they use to do this are known as social engineering. What is social engineering? Social engineering is a collective term for ways in which fraudsters manipulate people into performing certain actions. It’s generally used in an information…

Asset management is a tricky subject. In many cases, organizations have no idea about how many assets they have, let alone where they are all located.  Fortunately, there are tools that can assist with reaching your asset management goals. While Tripwire Enterprise (TE) is great for detecting unauthorized changes on your system and also for ensuring your systems are hardened (as well as stay hardened), you must first get a handle on managing the assets that you’re…

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. Microsoft recently published a report that states, titled “March 2021 Security Signals report,” that revealed that more than 80% of enterprises were victims of at least one firmware attack in the past two years. The study pointed out that only 29% of the targeted organizations have allocated budgets to protect firmware. A vast majority of companies in a global…

Cyber-criminals behind a cyber-attack on a Florida school district are demanding a ransom payment of $40m in cryptocurrency.  The computer system of Broward County Public Schools was compromised at the beginning of March by data-locking ransomware in a Conti gang operation. The attack caused a system shutdown but left classes undisturbed.  Broward is the sixth-largest school district in the United States with 271,000 students and an annual budget of around $4bn.  The district, which is based in Fort…

European drone manufacturer Parrot has partnered with crowdsourced security platform YesWeHack to launch a Bug Bounty program. By setting up the two-phase program, Parrot hopes that potential vulnerabilities in its drones, mobile applications, and web services will be identified by YesWeHack’s community of more than 22,000 cybersecurity researchers. “After the integration of cybersecurity from the initial design phase of Parrot drones, the Bug Bounty launched with YesWeHack completes the audits and brings an additional step of control,” said Victor Vuillard,…

Executive Summary  Cuba ransomware is an older ransomware, that has recently undergone some development. The actors have incorporated the leaking of victim data to increase its impact and revenue, much like we have seen recently with other major ransomware campaigns.  In our analysis, we observed that the attackers had access to the network before the infection and were able to collect specific information in order to orchestrate the attack and have the greatest impact. The attackers operate using a set of PowerShell scripts that…

Cuba Ransomware Overview Over the past year, we have seen ransomware attackers change the way they have responded to organizations that have either chosen to not pay the ransom or have recovered their data via some other means. At the end of the day, fighting ransomware has resulted in the bad actors’ loss of revenue. Being the creative bunch they are, they have resorted to data dissemination if the ransom is not paid. This means…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT10, Charming Kitten, China, Cycldek, Hancitor, Malspam, North Korea, Phishing, TA453, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the…