Colombian real estate firm exposes personal records of over 100K customers.
Views expressed in this cybersecurity, cybercrime, and intelligence update are those of the reporters and correspondents.
Accessed on 23 September 2021, 1405 UTC.
Content supplied by “Cyware.com.”
Source:
https://cyware.com/cyber-security-news-articles
Please click link or scroll down to read your selections.
Latest Cybersecurity News And Articles
Colombian Real Estate Firm Exposes Personal Records of Over 100,000 Customers
More than one terabyte of data containing 5.5 million files has been left exposed, leaking personal information of over 100,000 customers of a Colombian real estate firm, according to WizCase.
Apple will disable insecure TLS in future iOS, macOS releases
Apple has deprecated the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in recently launched iOS and macOS versions and plans to remove support in future releases altogether.
Crystal Valley Cooperative Becomes Latest Agriculture Business Hit with Ransomware Attack
The company released a statement on its website Tuesday afternoon, but the website is currently down as of Wednesday. The firm confirmed that it had been hit with a ransomware attack on September 19.
Ransomware attack levels soaring, now accounting for 69% of all attacks involving malware
The research by Positive Technologies also reveals that the volume of attacks on governmental institutions, in particular, soared from 12% in the first quarter of 2021 to 20% in the second quarter.
US Real Estate Firm Marcus & Millichap Suffers Potential Attack by BlackMatter Ransomware
US real estate investment firm Marcus & Millichap suffered a recent cyberattack that may have been the work of the BlackMatter ransomware gang, according to a malware sample found on Hatching Triage.
Biden administration issuing new security guidance to companies aimed at blunting cyberattacks
The Biden administration is issuing new security guidance to critical infrastructure firms in an attempt to blunt the impact of ransomware and other hacks, following a series of attacks on US companies.
CISA Warns of Conti Ransomware Activity, Highlights More Than 400 Incidents Against U.S. Organizations
CISA sent out an advisory on Wednesday centered around the Conti ransomware, providing detailed information for the cybersecurity community about the ransomware group and its affiliates.
LG acquires Israeli automotive cybersecurity startup Cybellum
LG signed a deal with the startup to acquire 63.9% of its shares. LG will also acquire additional shares of Cybellum by the year’s end, with the amount to be finalized then.
Google, Microsoft and Oracle generated most vulnerabilities in 2021
In H1 2021, Google holds the top slot with over 547 vulnerabilities, Microsoft was second with 432 unwanted exposure instances and Oracle is on number three with 316 vulnerabilities.
How REvil May Have Ripped Off Its Own Affiliates
Malware specialists have found evidence of how REvil ransomware’s leadership may have hijacked chats with victims of their own affiliates to cut them out of their ransomware payouts.
Users increasingly willing to abandon digital platforms that demand personal info, stringent passwords and time-consuming forms: study
A survey found that 77% of respondents have already abandoned or stopped creating an online account due to demands for too much personal information (40%) and too many security steps (29%).
MSHTML attack targets Russian state rocket centre and interior ministry
Malwarebytes has reason to believe that the MSHTML vulnerability listed under CVE-2021-40444 is being used to target Russian entities through malicious email attachments.
Phishing as a Ransomware Precursor
As ransomware continues to be delivered based on decisions and actions taken by human attackers, it becomes increasingly important to look upstream at the chain of events that lead to that decision.
RaidForums data marketplace accidentally exposes private staff page
On RaidForums, the “Staff General” section is typically restricted to internal staff members only, but in an ironic twist of fate, the private section was accidentally left open for viewing by anyone.
Data breach at Texas behavioral health center affects more than 24,000
A data breach at Texas behavioral health provider Texoma Community Center affected more than 24,000 people and highlights how timelines for breach notification may lag behind security events.
Malicious PowerPoint Documents Used to Distribute AgentTesla RAT
McAfee Labs have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint. In this campaign, the spam email comes with a PowerPoint file as an attachment.
The Record by Recorded Future
The Deputy Minister of National Defense said that the phones were selected because they had been previously identified “by the international community as posing certain cyber security risks.”
Operation Layover by Nigerian Threat Actor Targets Aviation Sector
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_49832683.jpg "Operation Layover by Nigerian Threat Actor Targets Aviation Sector - Cybersecurity news")
Cisco Talos uncovered a three-year-long espionage campaign, dubbed Operation Layover, aimed at the airline industry. Cybercriminals are spreading AsyncRAT and njRAT via malicious documents. In the ongoing campaign, attackers can change their crypter/attack vector and continue stealing from victims … Read More
Hacking Incidents Lead to 2 Big Eye Care Provider Breaches
New Jersey-based USV Optical Inc. – a subsidiary of U.S.Vision on Sept. 3 reported to HHS’ Office for Civil Rights a hacking IT incident involving a network server and affecting 180,000 individuals.
Cring ransomware group exploits ancient ColdFusion server
In an attack recently investigated by Sophos, an unknown threat actor exploited an ancient-in-internet-years vulnerability in an 11-year-old installation of Adobe ColdFusion 9 to infect the server.
Osano, a data privacy platform, raises $11M
Osano, a data privacy platform that helps websites become compliant with international regulations, today announced that it closed an $11 million funding round led by Jump Capital.
New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures
As many as 11 security vulnerabilities have been disclosed in Nagios network management systems, some of which could be chained to achieve pre-authenticated remote code execution.
Ransomware Gangs Attack Missouri Delta Medical Center and Barlow Respiratory Hospital
Barlow Respiratory Hospital said while the attack affected several IT systems, the hospital was able to continue to operate under its emergency procedures and patient care was not interrupted.
