MSP & IT Security Feed - News

Federal agencies get new cybersecurity response playbooks (11/16/2021 from The Record)
Exchange Exploit Leads to Domain Wide Ransomware (11/15/2021 from The DFIR Report)
Official FBI email server hacked, used to send fake threat (11/13/2021 from The Record)
macOS zero-day deployed via Hong Kong pro-democracy news sites (11/11/2021 from The Record)
Bill proposes large financial institutions to report ransomware attacks, cap payments (11/11/2021 from SC Media)
BazarBackdoor now abuses Windows 10 app feature in ‘call me back’ attack (11/11/2021 from ZDNet)
Microsoft: Chinese hackers are targeting Zoho ManageEngine software (11/9/2021 from ZDNet)

HTTPS threats grow more than 314% through 2021: Report (10/28/2021 from ZDNet)
Attackers Hijack Craigslist Emails to Bypass Security, Deliver Malware (10/26/2021 from Threatpost)
NOBELIUM targeting delegated administrative privileges to facilitate broader attacks (10/25/2021 from Microsoft )
AWS patches bug that left its WAF customers exposed to SQL injection (10/21/2021 from SC Media)
Top 10 Most Exploited Vulnerabilities (10/17/2021 from Syxsense)
Misconfiguration Attacks: 5 Real-Life Attacks and Lessons Learned (10/4/2021 from Neuralegion)

Epik data breach impacts 15 million users, including non-customers (9/20/2021 from Arstechnica)
DirtyMoe: Code Signing Certificate (9/17/2021 from Decoded: Avast Threat Labs)
OWASP Top 10 ranking has a new leader after ten years (9/14/2021 from The Record)
Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices (9/9/2021 from The Hacker News)
US farm loses $9 million in the aftermath of a ransomware attack (9/2/2021 from The Record)
White House double downs on warning about cyberattacks over the holidays (9/2/2021 from The Record)

38 Million Records Exposed from Microsoft Power Apps of Dozens of Organisations (8/24/21 from The Hacker News)
New LockFile ransomware gang weaponizes ProxyShell and PetitPotam attacks (8/22/21 from The Record)
Cloudflare reports record-breaking HTTP-request DDoS attack (8/20/21 from SC Media)
100m T-Mobile Customer Records Purportedly Up for Sale (8/16/21 from Threatpost)
New AdLoad Variant Bypasses Apple’s Security Defenses to Target macOS Systems (8/16/21 from The Hacker News)
Phishing campaign leverages legit DocuSign email notifications (8/13/21 from SC Media)
WordPress Sites Abused in Aggah Spear-Phishing Campaign (8/13/21 from Threatpost)
Using AI to Scale Spear Phishing (8/13/21 from Schneier on Security)

Hackers take $600m in ‘biggest’ cryptocurrency theft (8/11/21 from ZDNet)
Laptop maker Gigabyte hit by ransomware attack (8/8/21 from TechRadar)
Routers and modems running Arcadyan firmware are under attack (8/8/21 from The Record)
The cybersecurity industry is in a state of dismay: New alliance to promote uniform XDR framework (8/3/21 from SC Media)
This new phishing attack is ‘sneakier than usual’, Microsoft warns (8/2/21 from ZDNet)
Decryptor released for Prometheus ransomware victims (8/1/21 from The Record)

Hackers leak full EA data after failed extortion attempt (7/31/21 from The Record)
DOJ says SolarWinds hack impacted 27 US attorneys’ offices (7/30/21 from The Record)
Amazon fined $887 million over EU privacy violations (7/30/21 from The Record)
Ransomware: These are the two most common ways hackers get inside your network (7/29/21 from ZDNet)
BlackMatter ransomware targets companies with revenue of $100 million and more (7/27/21 from The Record)
Even after Emotet takedown, Office docs deliver 43% of all malware downloads now (7/23/21 from ZDNet)
Wiper malware targeting Japanese PCs discovered ahead of Tokyo Olympics opening (7/22/21 from The Record)

SeriousSAM bug impacts all Windows 10 versions released in the past 2.5 years (7/21/21 from The Record)
Hundreds of millions of HP, Xerox, and Samsung printers vulnerable to new bug (7/20/21 from The Record)
Windows Hello bypassed using infrared image (7/18/21 from The Record)
Fake Zoom App Dropped by New APT ‘LuminousMoth’ (7/15/21 from Threatpost)
Cisco BPA, WSA bugs allow remote cyberattacks (7/9/21 from Threatpost)
Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails (7/7/21 from Trustwave)
Malware Masquerades as Privacy Tool (7/1/21 from Proofpoint)

Secure your cloud environment for long-term success (6/30/21 from SC Media)
Costs from ransomware attack against Ireland health system reach $600M (6/29/21 from SC Media)
Cisco routers come under attack, including a destructive hacktivist campaign (6/29/21 from The Record)
Using VMs to hide ransomware attacks is becoming more popular (6/28/21 from The Record)
Microsoft says SolarWinds hacking group has breached three new victims (6/28/21 from The Record)

Eclypsium Discovers Multiple Vulnerabilities Affecting 129 Dell Models Via Dell Remote Os Recovery And Firmware Update Capabilities (6/24/21 from Eclypsium)
Zyxel says a threat actor is targeting its enterprise firewall and VPN devices (6/24/21 from The Record)
Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access (6/23/21 from Threatpost)
Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE (6/23/21 from Threatpost)
SonicWall ‘Botches’ October Patch for VPN Bug (6/23/21 from Threatpost)
North Korean hackers breach South Korea’s atomic research agency through VPN bug (6/21/21 from The Record)

Threat Actors Use Google Docs to Host Phishing Attacks (6/17/21 from Threatpost)
Peloton Bike+ Bug Gives Hackers Complete Control (6/16/21 from Threatpost)
Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets (6/16/21 from The Hacker News)
Millions of Connected Cameras Open to Eavesdropping (6/15/21 from Threatpost)
Chinese Hackers Believed to be Behind Second Cyberattack on Air India (6/13/21 from The Hacker News)