Tuesday, September 27, 2022
Internet Storm Center Infocon Status



ISC StormCast for Tuesday, September 27th, 2022

Easy Python Sandbox Detection https://isc.sans.edu/forums/diary/Easy+Python+Sandbox+Detection/29090 Hackers use PowerPoint Files for
The Register

Ukraine fears ‘massive’ Russian cyberattacks on power, infrastructure

Will those be before or after the nuke strikes Putin keeps banging on about? Russia plans to conduct "massive cyberattacks" on Ukraine and its allies' critical infrastructure and energy sector, according to Kyiv.…

BrandPost: Extortion Economics: Ransomware’s New Business Model

Did you know that over 80% of ransomware attacks can be traced to common configuration errors in software and devices? This ease of access is one of many reasons why cybercriminals have become emboldened by the underground ransomware economy.And...

Police ‘all over’ dark web ransom threat to release 10,000 customer records a day, Optus CEO says

Purported hackers post ultimatum demanding $1m within four days after massive Optus data breachFollow our Australia news live blog for the latest updatesGet our free news app, morning email briefing or daily news podcastThe chief executive of Optus, Kelly...

Barracuda Unveils New Capabilities To Protect Against Persistent And Evolving Threats

Barracuda announced a number of product enhancements and innovative new capabilities at its recent Secured.22 virtual conference to expand the protection for customers and help them defend against the latest cyber threats.

Zoho ManageEngine flaw is actively exploited, CISA warns

A remote code execution vulnerability in Zoho's ManageEngine, a popular IT management solution for enterprises, is being exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) added the flaw to its catalog of known exploited vulnerabilities...

Despite Recession Jitters, M&A Dominates a Robust Cybersecurity Market

Funding has been somewhat lower than last year, but investment remains healthy, analysts say, amid thirst for cloud security in particular.
The CyberWire Podcast

Unrest in Iran finds expression in cyberspace. Cyber conflict and diplomacy. Cybercrime in the hybrid war. And there seems to have been an arrest in the Uber and Rockstar breaches.

Unrest in Iran finds expression in cyberspace. Albania explains its reasons for severing relations with Iran. Cybercrime in the hybrid war. Rick Howard on risk forecasting with data scientists. Dave Bittner...

Russia plans “massive cyberattacks” on critical infrastructure, Ukraine warns

Enlarge (credit: gwengoat | Getty Images) The Ukrainian government on Monday warned that the Kremlin is planning to carry out “massive cyberattacks” targeting power grids and other critical infrastructure in...

Russia Planning Cyberattacks on Ukraine's Energy Grid

Ukraine military intelligence says Russia is planning cyberattacks on the country's energy sector, as well as against allies including Poland and the Baltic states.

Russia Gives Citizenship to Ex-NSA Contractor Edward Snowden

Russian President Vladimir Putin has granted Russian citizenship to former U.S. security contractor Edward Snowden, according to a decree signed Monday by the Russian leader. read more

Optus customers exasperated by chatbots and ‘rubbish’ communication after data breach

Some customers look to switch providers after puzzling responses and ‘less than helpful’ serviceGet our free news app, morning email briefing or daily news podcastOptus customers say they are growing increasingly angry and frustrated at the poor communication from...

Government flags new cybersecurity laws and increase in fines after Optus breach

Clare O’Neil says penalties for telcos are ‘totally inappropriate’ and data breach was ‘significant error’Optus data security breach: what should I do to protect myself?Get our free news app, morning email briefing or daily news podcastThe Albanese government will...
Infosecurity Magazine

Fitbit Increases Security Requirements, Mandates Google Login From 2023

Users will have the option to log in using their Fitbit account for as long as it is supported
Unsuperivsed Learning Podcast

News & Analysis | NO. 350

Infowar Audit, Zoom Reflections, SF CamerasSupport the show: https://danielmiessler.com/support/See omnystudio.com/listener for privacy information.

Ukraine Says Russia Planning 'Massive Cyberattacks' on Critical Infrastructure

The Ukrainian government says it is bracing to deal with “massive cyberattacks” from Russian hackers against critical infrastructure targets in the energy sector. read more

Cyber Threat Alliance Extends Membership to 6+ Leading Cybersecurity Companies

CTA now has 36 members headquartered in 11 countries who follow cyber activities across the world, showing cybersecurity industry members realize the value in collaboration.
The Register

SQL Server admins warned about Fargo ransomware

From small town in North Dakota with a crime problem to file-scrambling nasty Organizations are being warned about a wave of attacks targeting Microsoft SQL Server with ransomware known as Fargo, which encrypts files and threatens victims that their...
Infosecurity Magazine

ReasonLabs Unveils Multimillion Dollar Global Credit Card Scam

The victims of the plot were users of Mastercard, Visa, and American Express, among others

US CISA/NSA release new OT/ICS security guidance, reveal 5 steps threat actors take to compromise assets

The US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published a new Cybersecurity Advisory (CSA) for protecting operational technology (OT) and industrial control systems (ICS). The CSA outlines the Tactics, Techniques and Procedures...

Jamf buys ZecOps to bring high-end security to Apple enterprise

The Apple-in-the-enterprise story continues to unfold, this week with Jamf's announced plans to acquire mobile threat detection and response company ZecOps.Already consumer-simple, Jamf becomes government secure Jamf will likely reveal more about the motivations behind the deal at its JNUC event...

Hackers Leak French Hospital Patient Data in Ransom Fight

Hackers who crippled a French hospital and stole a trove of data last month have released personal records of patients online, officials have confirmed. The cyberattackers demanded a multimillion dollar ransom from the Corbeil-Essonnes hospital...

Darth Vader’s voice will be AI-generated from now on

Enlarge / As James Earl Jones retires, Darth Vader's voice will come courtesy of voice-cloning software called Respeecher. (credit: Lucasfilm / Benj Edwards) During the creation of the Obi-Wan Kenobi...
Infosecurity Magazine

Hackers Use NullMixer and SEO to Spread Malware More Efficiently

The websites are often related to crack, keygen and activators for illegal software

97% of enterprises say VPNs are prone to cyberattacks: Study

Reliance on VPNs for remote access is putting enterprises at significant risk as social engineering, ransomware, and malware attacks continue to advance, exposing  businesses to greater risk, according to a new report by cloud security company Zscaler.To read this...


Graham Cluley

TAP Air Portugal confirms hack, as Ragnar Locker gang leaks data – including that of Portugese president

Politicians including Portugese president Marcelo Rebelo de Sousa are amongst those who have had their personal information leaked following an attack by the notorious Ragnar Locker gang against the country's national airline TAP. Read more in my article on the...
Graham Cluley

Beware Revolut frozen card scams sent via SMS text

Users of Revolut, the popular banking app, would be wise to be on their guard - as scammers are sending out barrages of SMS text messages, posing as official communications from the financial firm.
Graham Cluley

Teen hacking suspect charged with computer misuse and breach of bail conditions

Could the 16-year-old arrested in Oxford in March now be the 17-year-old arrested in Oxfordshire and charged with breaching his bail conditions?
Bruce Schneier

Leaking Passwords through the Spellchecker

Sometimes browser spellcheckers leak passwords: When using major web browsers like Chrome and Edge, your form data is transmitted to Google and Microsoft, respectively, should enhanced spellcheck features be enabled. Depending on the website you visit, the form data may itself...
Graham Cluley

See how Pentera identifies and mitigates the risk of your most exploitable exposed credentials

Graham Cluley Security News is sponsored this week by the folks at Pentera. Thanks to the great team there for their support! Leaked and stolen credentials continue to pose a critical risk to organizations globally. In fact, 65% of...