Blog

Cybersecurity Digest #24: 26/04/2021 – 14/05/2021

Cybersecurity News

  • Babuk ransomware readies ‘shut down’ post, plans to open source malware. After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal. Unlike other gangs that chose to release decryption keys or even return the collected ransoms, Babuk’s final gesture is to pass the torch to others.
  • Google has announced the release of Chrome 90.0.4430.212 for Windows, macOS and Linux. The new update contains patches for 19 vulnerabilities, 15 fixes were contributed by external researchers.
  • Pradeo team has come across an advanced mobile attack campaign that uses a phishing technique to steal victims’ credit card details and infects them with a malware that impersonates the Android Google Chrome app. The malware uses victims’ devices as a vector to send thousands of phishing SMS. Pradeo’s researchers qualified it as a Smishing trojan.
  • Microsoft has released an open-source tool called Counterfit that helps developers test the security of artificial intelligence (AI) systems. Microsoft has published the Counterfit project on GitHub and points out that a previous study it conducted found most organizations lack the tools to address adversarial machine learning.

More

Cybersecurity Digest #23: 12/04/2021 – 23/04/2021

Cybersecurity News

  • The US administration approved a 100-day plan to protect electrical infrastructure from cyber threats from adversaries. This is stated in a statement by the official representative of the National Security Council of the White House, Emily Horne.
  • Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. Microsoft has classified this bug as a DDoS vulnerability and is tracking it as CVE-2021-28312 with the title ‘Windows NTFS Denial of Service Vulnerability.’
  • Nato holds Locked Shields 2021 – cyber war games with hackers targeting fictional island nation. The drills involving 30 countries are meant to test Nato’s defences during a global pandemic that is making the world more dependent on virtual systems. Hackers targeted vaccine developers during the Covid-19 crisis and the US government was the target of a major cyber attack, which was discovered last year.
  • A joint advisory from the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) warn that the Russian Foreign Intelligence Service (SVR) is exploiting five vulnerabilities in attacks against U.S.

More

Cybersecurity Digest #22: 29/03/2021 – 09/04/2021

Cybersecurity News

More

Cybersecurity Digest #21: 15/03/2021 – 26/03/2021

Cybersecurity News

Cybersecurity Blog Posts

More

Cybersecurity Digest #20: 1/03/2021 – 12/03/2021

Cybersecurity News

More