Ransomware hackers alleged harassment from U.S.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 23 October 2021, 1322 UTC.

Content provided by https://cyware.com.

Source: https://cyware.com/cyber-security-news-articles

October 22, 2021

Ransomware hackers nervous, allege harassment from U.S.

Several ransomware gangs posted lengthy anti-U.S. screeds. They appear prompted by the news that the FBI had successfully hacked and taken down another major ransomware group called REvil.

After Nation-State Hackers, Cybercriminals Also Add Sliver Pentest Tool to Arsenal

The cybercriminal group tracked as TA551 recently showed a significant change in tactics with the addition of the open-source pentest tool Sliver to its arsenal, according to cybersecurity firm Proofpoint.

Hackers Set Up Fake Company to Get IT Experts to Launch Ransomware Attacks

The financially motivated FIN7 gang has masqueraded as yet another fictitious cybersecurity company called “Bastion Secure” to recruit unwitting software engineers under the guise of penetration testing in a likely lead-up to a ransomware scheme.

Malicious Packages Disguised as JavaScript Libraries Found

Researchers at open-source software firm Sonatype have uncovered multiple malicious packages that disguise themselves as legitimate JavaScript libraries on npm registries to launch cryptominers on Windows, macOS and Linux machines.

Groove ransomware calls on all extortion gangs to attack US interests

The Groove ransomware cybercriminal group is calling on other ransomware extortion groups to attack US interests after law enforcement took down REvil’s infrastructure last week.

This monster of a phishing campaign is after your passwords

Microsoft has detailed an unusual phishing campaign aimed at stealing passwords that uses the ZooToday phishing kit built using pieces of code copied from other hackers’ work.

Swiss exhibitions organizer MCH Group hit by cyberattack

Swiss events organizer and marketing company MCH Group was hit by a malware attack on Wednesday (October 20). The firm says it is working to get systems up and running again.

CISA Awards $2M to Cybersecurity Training Programs

The United States’ Cybersecurity and Infrastructure Security Agency (CISA) has awarded two organizations, NPower and CyberWarrior, $2m to develop cybersecurity workforce training programs.

DarkSide Ransomware Gang Moves Bitcoin Reserves After REvil Got Hit by Law Enforcement Action

The operators of the DarkSide and BlackMatter ransomware strains have moved a large chunk of their Bitcoin reserves after news broke that REvil was hit by a law enforcement takedown.

Turkish cybersecurity venture raises $24M to accelerate expansion

This latest round takes the total funding Picus has received to $33 million. The company plans to use the funds to help accelerate its expansion in EMEA and APAC countries.

Microsoft announces security programs for nonprofits as nation-state attacks increase

Microsoft unveiled a new suite of tools on Thursday built to protect nonprofits as threats against philanthropic organizations globally have skyrocketed, particularly from nation-states.

Massive Attack Campaign Uses YouTube to Deliver Password-Stealing Malware

When installed, the malware communicates with a command-and-control server and waits for commands from the attacker to execute, which could entail running additional malware.

Google launches Android Enterprise bug bounty program

Google announced the launch of its first bug bounty program for Android Enterprise with rewards of up to $250,000. This builds on the introduction of several security enhancements in Android 12.

Microsoft, Intel and Goldman Sachs Team Up For New Supply Chain Security Initiative

As part of the non-profit Trusted Computing Group (TCG), the companies have created a new Supply Chain Security workgroup that will aim to bring in experts from across the tech sphere.

Scraped Profile Data of 2.6 Million Instagram and TikTok Users Exposed by Unsecured Server at IGBlade

Security researchers have discovered over two million social media user profiles scraped from the internet after they were unwittingly exposed online by an analytics firm, Infosecurity can reveal.

Cyber incident impact sits at over $500,000 for half of small to medium APAC businesses

51% of Asia Pacific small to medium-sized businesses that were hit with a cyber incident in the past year saw the cost of that incident exceed $500,000, according to a survey conducted by Cisco.

Critical Vulnerabilities Found in AUVESY Product Used by Major Industrial Firms

A total of 17 types of vulnerabilities, including many rated critical and high severity, have been found by researchers in the Versiondog data management product made by AUVESY.

U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes

The mandate, which is set to go into effect in 90 days, will forbid the export, re-export, and transfer of “cybersecurity items” to countries of national security or WMD concerns without a license.

KnowBe4 To Buy Awareness Startup SecurityAdvisor For $80M

KnowBe4 has agreed to purchase startup SecurityAdvisor to better identify and correlate human-behavior-driven security alerts generated across each layer of the existing security stack.

RedLine Stealer identified as primary source of stolen credentials on two dark web markets

First spotted in March 2020, the RedLine Stealer is an infostealer. Once it infects a computer, its primary purpose is to collect as much user data as possible and then send it to the attackers.

Cybercriminals Hide RAT Malware as Adult Game to Infect Users via Webhards and Torrents

The attackers are using easily obtainable malware such as njRAT and UDP RAT, wrapping it in a package that appears to be a game or other program, and then uploading it to WebHard.

HTTPS Attestable: Remote, secure, verified enclaves proposed

Two Intel staffers believe web services can be made more secure not only by carrying out computations in remote trusted execution environments, but also by verifying for clients that this was done.

Keysight Technologies Acquires SCALABLE Network Technologies

Headquartered in Culver City, California, SCALABLE Network Technologies provides network simulation solutions to model and visualize communications networks and cyber threats.

Cybercrime matures as hackers are forced to work smarter

An analysis by Kaspersky of 500 hacking incidents across a wide range of industries has revealed trends that characterize a maturity in the way hacking groups operate today.

Russ Roberts

https://cyber-security-intelligence.org