Posts

Showing posts with the label News

Acer Hacked in India

Acer has been hacked again. The hackers claim that they stole 60GB worth of data from the company's India operations. The data includes customer, corporate, accounts, and financial data, as well as login info of retailers and distributors. This is the second time this year Acer has been hacked. Previously, the REvil ransomware gang hacked the company and demanded a $50MM ransom. More info here.

News This Week: Aug 23, 2021

VMO collects the best news related to Vendors, Technology, Government Policy, etc. on the web every week for you.

- Disgruntled employees targeted to deploy ransomware within profitable organizations
- T-Mobile data breach exposed 50 Million people's data
- Mandiant (FireEye) disclosed a critical vulnerability affecting Millions of IoT devices
- Fortinet delays a Zero Day Vulnerability in its Web Application Firewall
- LockFile, known for ransomware attacks on manufacturing, financial services, engineering and tourism, is exploiting a critical Microsoft Vulnerability.
- Razer mice could give hackers wide-open local access to your Windows PC
- Data breaches now cost companies $4.24 million per incident on average, the highest cost in the 17-year history - IBM
- IndiaMart is possibly unaware of a data breach involving 38 Million records that is up for grabs on hacking forums. IndiaMart is one of the largest B2B Marketplaces in India.
- Nvidia's $40B acqui

News This Week: Jul 02

VMO collects the best news related to Vendors, Technology, Government Policy, etc. on the web every week for you.

- Western Digital urges users to immediately disconnect WD My Book Live and WD My Book Live Duo after detecting a vulnerability that an attacker can use to remotely wipe the data.
- A Linux encryptor that targets and encrypts VMware ESXi virtual machines. The REvil ransomware operation is now using a Linux encryptor to mass encrypt storage used by VMs and NAS devices.
- Microsoft recommends enabling multi-factor authentication to protect their environments after new activity from the NOBELIUM threat actor. This activity was targeted at specific customers, primarily IT companies (57%), followed by government (20%), and smaller percentages for non-governmental organizations.
- Babuk Locker Ransomware group releases the builder that encrypts files hosted on Windows systems, ARM-based network-attached storage (NAS) devices, and VMware ESXi servers. Thi

News This Week: Jun 25

VMO collects the best news related to Vendors, Technology, Government Policy, etc. on the web every week for you.

- Red Hat/CentOS and Debian Linux distributions get hit by DarkRadiation Ransomware
- White House is working on a strategy to enhance Organizations' Security systems and perimeter security
- SonicWall Left a VPN Flaw Partially Unpatched Amidst 0-Day Attacks
- LineStar Integrity Services, a Houston-based company that sells auditing, compliance, maintenance, and technology services to pipeline customers, gets its data leaked
- Splunk Announces $1 Billion Investment from Silver Lake
- Biden's Cyber Executive Order to include “software bill of materials” (SBOM) that vendors would be required to provide
- EU to launch rapid response cybersecurity team
- Microsoft Patches Six Zero-Day Security Holes

US Recovers Millions Paid To Colonial Pipeline Ransomware Hackers - VMO Expert Comments on Information Security Buzz

BACKGROUND: The US investigators have recovered millions in cryptocurrency they say was paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline last month, the Justice Department announced Monday. Specifically, the Justice Department said it seized approximately $2.3 million in Bitcoins paid to individuals in a criminal hacking group known as DarkSide. The FBI said it has been investigating DarkSide, which is said to share its malware tools with other criminal hackers, for over a year. Read the comments here.

Ransomware Draws Government Attention - VMO Expert Comments on Information Security Buzz

BACKGROUND: The US government’s response to the ever-growing threat of ransomware is long overdue, but is it too late? With more priority set to be placed on ransomware attacks and the consequential investigations, we’re in a prime position to make strides in preventing these attacks. Read the comments here.

Leaked Spreadsheet Exposes Details Of UK Special Forces Soldiers - VMO Expert Comments on Information Security Buzz

BACKGROUND: A leaked spreadsheet circulating around WhatsApp has exposed the personal details of more than one thousand UK Special Forces soldiers, which are meant to remain secret. The Register, which has seen the leaked spreadsheet, says it contains details of 1,182 British soldiers who were recently promoted from corporal to sergeant. Some included soldiers posted in sensitive units, such as the Special Reconnaissance Regiment, Special Boat Service and Special Air Service. Read the comments here.

Siloscape: this new malware targets Windows containers

A new brand of malware designed to compromise Windows containers to reach Kubernetes clusters has been revealed by researchers. It's called Siloscape because its overall aim is to escape Windows containers via a server silo. Read more here.

Fujitsu Ransomware Attack

Fujitsu, a Japanese multinational information and communication technology equipment company, announced that there was a possible intrusion attempt on their servers. Due to the unauthorized access, they are unable to process or accept orders. Their network is partially shut down and disconnected from the network. Customers who use their technology equipment and network products may also face disruption in service. Read the announcement here.

VMware Urges Customers to Patch a Critical Vulnerability

VMware recently announced that its vCenter Server has a critical bug that needs to be patched immediately. The vulnerability (CVE-2021-21985 & CVE-2021-21986) has a rating of High and VMware is asking customers to pay immediate attention. The company has already released the patch for the security hole that a hacker could exploit by accessing vCenter Server over port 443. The patch would first fix the ability to execute code remotely, and secondly it will improve the Server Plugin Framework to strengthen plugin authentication. VMware advised that if you can't patch it immediately, then you should stop using vSAN. Other critical advisory details can be found in their news release here.

What should I be doing? If you are in the technology team, then you probably already know what to do. If you are in Vendor Management / Sourcing, then you should get in touch with your TAO and Cyber Security team to provide any contractual support that they might need. Keep your V

Canada Post Informs Customers of Data Breach

Canada Post informed 44 of its large business customers of a data breach due to a malware attack on one of its suppliers, Commport Communications. Read the news release here. The vendor notified Canada Post last week that the manifest data, which contains the names and addresses of customers (both sender and receiver) and in a few cases email addresses and phone numbers, had been compromised. Canada Post uses this vendor to manage shipping manifest data of large parcel customers. Canada Post claims that no financial information was compromised, but the breach contains data of 950K receiving customers. 97% of the stolen data only contains names and addresses, and 3% contains the contact information. Views might differ, but from a privacy perspective the impact is minimal. Names and addresses are public information, and hackers are looking to steal financial information or find opportunities to sell data for financial gain. A name and physical address doesn't give them that opportunity. T