Welcome to the Transatlantic Cable a podcast that dives into hot topics in the security news and industry each week. Episode 242 of the Transatlantic Cable starts with Conti ransomware gang internal chat logs, day-to-day operations leaked. Then we jump to REvil ransomware gang update as a member extradited to U.S. to show more ...
ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks.
Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine.
Affecting versions 10.1.1 and 10.1.2 of the library, the changes introduced undesirable behavior by its maintainer RIAEvangelist, targeting users with IP addresses located either in Russia or Belarus, and wiping arbitrary file contents.
Ransomware causes problems no matter what brand it is, but some forms are noticeably more prolific than others, with four strains of the malware accounting for a combined total of almost 70% of all attacks.
Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations.
An analysis of two ransomware attacks has identified overlaps in the tactics, techniques, and procedures (TTPs) between BlackCat and BlackMatter, indicating a strong connection between the two groups.
Microsoft has filled in one new detail about how the TrickBot gang's IoT C2 devices, namely compromised MikroTik routers, were being used since 2018 for stealthy communication with infected PCs.
The new law requires critical infrastructure companies in the 16 industry sectors identified by the federal government to report to the CISA within 72 hours if they are experiencing a cyberattack and within 24 hours of making a ransomware payment.
CISA and the FBI have issued a warning highlighting their intelligence on "possible threats" to satellite communication (SATCOM) networks in the United States and worldwide.
Japanese tyre manufacturer Bridgestone has confirmed that its US subsidiary had suffered a ransomware attack, just weeks after suppliers of automaker Toyota Motor reported similar attacks.
Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data while investigating the activity of the LightBasin cybercrime group (aka UNC1945).
The country’s arm of TransUnion confirmed that “a criminal third party obtained access to a TransUnion South Africa server through misuse of an authorized client’s credentials.” The company said the ransom demand “will not be paid.”
Chrome suffers from a heap buffer overflow vulnerability in chrome_pdf::PDFiumEngine::RequestThumbnail.
Red Hat Security Advisory 2022-0958-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Ubuntu Security Notice 5333-2 - USN-5333-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Chamal De Silva discovered that the Apache HTTP Server mod_lua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service.
Simple Mobile Comparison Website version 1.0 suffers from a cross site scripting vulnerability.
Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a now-patched critical flaw in the Microsoft Windows MSHTML platform (CVE-2021-40444) as part of
ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks. According to a new report published by Trend Micro, the botnet's "main purpose is to build an infrastructure for further attacks on high-value targets," given that
An analysis of two ransomware attacks has identified overlaps in the tactics, techniques, and procedures (TTPs) between BlackCat and BlackMatter, indicating a strong connection between the two groups. While it's typical of ransomware groups to rebrand their operations in response to increased visibility into their attacks, BlackCat (aka Alphv) marks a new frontier in that the cyber crime cartel
A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine (ATM) switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards. Threat intelligence and incident response firm Mandiant is tracking the cluster under the moniker
