CISA to access agencies’ end points, help enhance security.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 13 October 2021, 1247 UTC.

Content supplied by


Please click link or scroll down to read your selections.

Filter Alerts by

Latest Cybersecurity News And Articles

CISA to Access Agencies’ Endpoints, Help Enhance Security

A new memorandum from the Office of Management and Budget sets a 90-day deadline for CISA to assess existing endpoint detection and response, or EDR, deployments at federal agencies.

Phishing Campaign Uses Mathematical Symbols to Trick AI-based Spam Detectors

In this case, the actors are using a square root symbol, a logical NOR operator, or the checkmark symbol itself, all helping to create a slight optical differentiation to bypass spam detectors.

Python-based FreakOut Botnet Adds PoC Exploit for Visual Tools DVRs to its Arsenal

Operators behind the FreakOut (aka Necro, N3Cr0m0rPh) Python botnet have added a PoC exploit for Visual Tools DVR, a professional digital video recorder used in surveillance video systems.

Cybersecurity threat hunters seek legal protections

Cybersecurity Advisors Network (CyAN) has created a new working group to advocate for legislation that stops vendors from suing when security researchers show them zero-day bugs in their kit.

Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows

Cisco Talos recently discovered two vulnerabilities in the Anker Eufy Homebase. The Eufy Homebase 2 is the video storage and networking gateway that works with Anker’s Eufy Smarthome ecosystem.

Dutch police send warning letters to DDoS booter customers

The police learned about their activity after starting to investigate the website in 2020, following complaints from a game server that was the victim of a DDoS attack via

Adobe addresses four critical flaws in its products

The IT giant addressed four vulnerabilities in Acrobat and Reader for Windows and macOS, including two critical arbitrary code execution flaws, tracked as CVE-2021-40728 and CVE-2021-40731.

RealDefense Acquires STOPzilla

Antivirus and anti-malware brand STOPzilla has been acquired by California holding company RealDefense. The deal marks RealDefense’s fourth acquisition in the security sector.

Photo editor Android app STILL sitting on Google Play store is malware

Like many Android apps, the “Blender Photo Editor-Easy Photo Background Editor” app comes with the Facebook sign-in functionality. Except, it also uses Facebook credentials for malicious purposes.

PyPI removes ‘mitmproxy2’ over code execution concerns

The PyPI repository has removed a Python package called ‘mitmproxy2’ that was an identical copy of the official “mitmproxy” library, but with an “artificially introduced” code execution vulnerability.

October 12, 2021

IoT Security Startup Armis Seeks Another $300M Of Funding: Report

Armis expects most of it to come from a single new strategic investor at a $3.5B valuation and anticipates that will be the company’s final funding round before pursuing an IPO, Calcalist reported.

Microsoft October 2021 Patch Tuesday fixes 4 zero-days, 71 flaws

Microsoft has fixed 74 vulnerabilities (81 including Microsoft Edge) with today’s update, with three classified as Critical, and 70 as Important, and one as Low. This also included 4 zero-day flaws.

New Iranian APT Targets Aerospace and Telecoms in Western Countries

A cyberespionage operation by MalKamak, an Iran-based hacker group, is targeting aerospace and telecom firms based in the Middle East, Russia, the U.S., and Europe. MalKamak, which uses ShellClient RAT, has targeted only a small number of targets since its alleged inception in 2018. Security team … Read More

There is Lot More About Fake iTerm2 Apps than Thought Earlier

Trend Micro sheds light on the ZuRu malware campaign that collects private data from a victim’s machine. Further analysis of the fake iTerm2 app’s Apple Distribution certificate led to the discovery of more trojanized apps on VirusTotal. S tay vigilant while downloading software online from untrus … Read More

New UEFI Bootkit Performs Espionage

A new ESPecter bootkit was uncovered that performs cyberespionage and compromises system partitions. There are signs in the malware’s components that revealed that the attackers could be Chinese-speaking. For protection, experts suggest ensuring security patches quickly.

Research Links Multiple Attack Campaigns to APT41 Group

Blackberry revealed three phishing schemes by APT41 that were targeting multiple sectors in India using COVID-19-themed phishing baits. Some of the phishing emails included information related to the latest income tax legislation targeting residents not living in India. Security teams need to … Read More

Ransomware cost US companies almost $21 billion in downtime in 2020

An analysis by Comparitech of 186 successful ransomware attacks against businesses in the United States in 2020 has shown that the companies lost almost US$21 billion due to attack-induced downtime.

InHand Router Flaws Could Expose Many Industrial Companies to Remote Attacks

Several serious vulnerabilities discovered by researchers in industrial routers made by InHand Networks could expose many organizations to remote attacks, and patches do not appear to be available.

Inside Apple: How macOS attacks are evolving

Transparency, Consent, and Control (TCC) is a system for requiring user consent to access certain data, via prompts confirming that the user is okay with an app accessing that data.

Vulnerabilities Expose exacqVision Video Surveillance Systems to Remote Attacks

Researchers at Tenable discovered critical and high-severity vulnerabilities in video surveillance systems made by Exacq Technologies, which is owned by building technology giant Johnson Controls.

October 12, 2021

Forcepoint To Acquire Cloud Security Startup Bitglass

Forcepoint said it has reached a deal to acquire cloud security startup Bitglass. The deal is expected to close later this year. The financial terms of the deal were not disclosed.

Microsoft revokes insecure SSH keys for Azure DevOps customers

Microsoft revoked insecure SSH keys some Azure DevOps have generated using a GitKraken git GUI client version impacted by an underlying issue found in one of its dependencies.

US Systems of Medical Technology Firm Olympus Hit by Cyberattack Over the Weekend

Olympus, a medical technology company, was forced to take down IT systems in the Americas (U.S., Canada, and Latin America) following a cyberattack that hit its network Sunday, October 10, 2021.

For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.  Thanks for joining us today.

Russ Roberts