Wednesday, October 27, 2021
Internet Storm Center Infocon Status



ISC StormCast for Wednesday, October 27th, 2021

Apple Updates Everything (but no details yet); Craigslist E-Mail
The Register

China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks

FCC urges more action against Huawei and DJI, too. The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…

150 People Arrested in US-Europe Darknet Drug Probe

Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday.
Security Now

SN 842: The More Things Change… – Gummy Browsers Attack, What Happened to REvil, Comms Hub, Win 11 Fixes

Picture of the Week. A sneak peek at November 9th upcoming Win11 fixes. Leo gets his wish!! REvil WAS recently re-taken down by Law Enforcement! Microsoft: "We're Excited to Announce the Launch of Comms Hub!" Microsoft: "Windows update expiration policy explained" And while we're...

Free Tool Helps Security Teams Measure Their API Attack Surface

Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.

North Korea's Lazarus Group Turns to Supply Chain Attacks

State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.

Ready to Play? Squid Game Becomes an Attractive Lure to Spread Cyberthreats

Following demand from viewers, cybercriminals are not shy in taking advantage of fans’ eagerness to watch the show, with well-known fraud schemes hitting the web.

IBM Announces Advances and New Collaborations in AI-Powered Automation, 5G Connectivity and Security at Mobile World Congress Los Angeles

IBM collaborates with Boston Dynamics, Cisco, Palo Alto Networks and Turnium Technology Group to help equip businesses in next phase of digital transformation.

CISA Announces Appointment of Washington Secretary of State Kim Wyman as Senior Election Security Lead

As an expert on elections, her appointment speaks to the Agency’s dedication to working with election officials throughout the nation in a non-partisan manner to ensure the security and resilience of our election infrastructure.
Security Weekly

Horror Stories – ASW #171

This week, we welcome Ashish Rajan, Head of Security & Podcast Host at Cloud Security Podcast, to discuss Security Champions in an Online First World! Ashish will talk about building a security champion in an online world and how...

Gas Stations in Iran Downed by Cyberattack

Unknown attackers hijacked gasoline pump machines and defaced them with a message that reportedly included a phone number for Supreme Leader Ayatollah Ali Khamenei's office.
Security Weekly

SMS Fraud, REvil Revenge, XP Users, Nobelium Returns, & Polygon Bug Bounty – SWN #161

This week in the Security News Dr. Doug talks: REvil strikes back, Windows XP, SMS fraud, Nobelium, BQE, Discourse, Polygon, and the returning Expert Commentary of Jason Wood! Show Notes: Visit for all the latest episodes! ...
The CyberWire Podcast

Ransomware and privateering, counteroffense and deterrence. The US State Department will reestablish its cyber office. And looking forward to Halloween.

Notes on ransomware and privateering: Conti’s barking at its victims, someone’s exploiting billing software, and BlackMatter repeated some coding errors its DarkSide predecessor committed. GCHQ suggests that the UK will undertake...

BrandPost: Secure SD-WAN Improves Network Protection in Fuel Distribution System

Customer Perspectives: A petroleum distribution business developed innovative ideas for increasing customer loyalty, but it needed to upgrade its technology infrastructure to bring those concepts to life. The company, which operates several hundred full-service gas stations, wanted to provide direct internet...
Infosecurity Magazine

State Department to Form Cyber Bureau

The United States is planning to create a new government department that will deal with matters of digital policy and cybersecurity. On Monday, Secretary of State Tony Blinken announced plans for the State Department to...
Security Affairs

Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv

A researcher from the security firm CyberArk has managed to crack 70% of Tel Aviv’s Wifi Networks starting from a sample of 5,000 gathered WiFi. CyberArk security researcher Ido Hoorvitch demonstrated how it is possible to crack WiFi at scale...
The Register

These couldn’t wait for Patch Tuesday: Adobe issues bonus fixes for 92 security holes in 14 products

It's 2021 and of course code with classic buffer overflows is still shipping. A mere two weeks after its most recent set of security patches, Adobe has issued another 14 security bulletins covering 92 CVE-listed bugs.…

Cybersecurity Talent Gap Narrows as Workforce Grows

Job satisfaction and salaries have both increased for cybersecurity professionals, as younger workers seek specific training to prepare for a cybersecurity career.
IBM Security

Data Security: How Data Activity Monitoring Protects Against Ransomware

Ransomware is an attack on your data. Can you say that your approach to preventing ransomware is focused on data? Organizations are becoming more aware of the chaos that ransomware can create — to the tune of $4.62 million...
Infosecurity Magazine

150 Arrested Over Darknet Drug Trafficking

An international law enforcement action has led to the arrest of 150 individuals worldwide on suspicion of buying or selling illicit goods on the dark web. Operation Dark HunTor involved the combined effort of police forces...

DoJ & Europol Arrest 150 in Disruption of DarkNet Drug Operation

Operation Dark HunTor targeted opioid traffickers on the DarkNet, leading to the seizure of weapons, drugs, and $31 million.

Adobe Patches Gaping Security Flaws in 14 Software Products

Adobe on Tuesday released a slew of urgent patches with fixes for more than 90 documented vulnerabilities that expose Windows, macOS and Linux users to malicious hacker attacks. The security defects affect a wide range of popular products, including Adobe...

BrandPost: Helping Healthcare Win Its Other Big Battle: Cyberattacks

Anyone running a business is likely familiar with the phrase “building the plane as you’re flying it.” And through the craziness of the past 19 months, many of us lived the phrase, becoming pilots and engineers of our new...

Illumio Brings Visibility, Zero Trust Principles to Hybrid Cloud

A new product seeks to solve the two primary security issues that come with moving to the cloud: the danger of accidental misconfigurations and the loss of visibility.
Brian Krebs

FBI Raids Chinese Point-of-Sale Giant PAX Technology

U.S. federal investigators today raided the Florida offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied to reports that PAX’s systems may have...


Graham Cluley

Ransomware gang outraged at “bandit-mugging behavior of the United States” after REvil group pushed offline

The Conti ransomware gang is outraged that the United States appears to have hacked into the REvil ransomware gang's infrastructure, and knocked it offline...
Graham Cluley

Man who “scraped and sold 178 million users’ data” is sued by Facebook

Facebook is suing a Ukrainian man for allegedly stealing the data of more than 178 million users, and then selling it on an underground cybercrime forum. Read more in my article on the Hot for Security blog.
Brian Krebs

Conti Ransom Gang Starts Selling Access to Victims

The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti’s malware who refuse to negotiate a ransom payment are added to Conti’s victim shaming blog, where confidential files stolen from victims may...
Bruce Schneier

New York Times Journalist Hacked with NSO Spyware

Citizen Lab is reporting that a New York Times journalist was hacked with the NSO Group’s spyware Pegasus, probably by the Saudis. The world needs to do something about these cyberweapons arms manufacturers. This kind of thing isn’t enough;...