ClearInfosec TIB Logo
Date:Oct 20, 2021
 
      Cyber Security News
  Verizon-owned Visible acknowledges hack confirms account manipulations
The company has faced overwhelming criticism from users, who took to social media to say their accounts had been hacked and used to buy phones or make other cha...
Read More...
  CISA outlines cyberthreats targeting US water and wastewater systems
CISA listed multiple ransomware attacks on water facilities this year, including ones in California, Maine and Nevada.
Read More...
  Acer confirms second cyberattack in 2021 after ransomware incident in March
Hackers breached the Taiwanese company's servers in India this week.
Read More...
  This new ransomware encrypts your data and makes some nasty threats too
The group behind a new ransomware variant threaten to go beyond encrypting data in their attempts to force victims to pay up.
Read More...
  HP Wolf report highlights widespread exploitation of MSHTML typosquatting and malware families hosted on Discord
The HP Wolf Security threat research team said the average time for a business to apply, test and fully deploy patches with the proper checks is 97 days.
Read More...
      Best Practices
  Top cybersecurity M&A deals for 2021
2021 is shaping up to be an active year for mergers and acquisitions in the cybersecurity industry. March alone saw more than 40 firms being acquired. The le...
Read More...
  REvil ransomware explained: A widespread extortion operation
REvil is a ransomware-as-a-service (RaaS) operation that has extorted large amounts of money from organizations worldwide over the past year. Its name stands...
Read More...
  Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation
One of the vulnerabilities patched by Microsoft Tuesday has been exploited by a Chinese cyberespionage group since at least August. The attack campaigns targ...
Read More...
  Cisco Duo Trusted Access Report: More Than 50% of Companies Plan Passwordless Move
Multifactor authentications soar as enterprises move away from passwords to secure hybrid workers.
Read More...
      New Threats and Vulnerabilities
  CVE-2021-38295
In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin open...
Read More...
  CVE-2020-4951
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
Read More...
  CVE-2021-40728
Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected b...
Read More...
  CVE-2021-30848
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Process...
Read More...
  CVE-2021-42055
ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker.
Read More...
      Patch Management
  Free BlackByte decryptor released after researchers say they found flaw in ransomware code
Security experts have released a free decryption tool that can be used by BlackByte ransomware victims to decrypt and recover their files. That's right - you d...
Read More...
  More than 30 countries outline efforts to stop ransomware after White House virtual summit
The countries agreed ransomware is an "escalating global security threat with serious economic and security consequences."
Read More...
  Google: Were sending out lots more phishing and malware attack warnings - heres why
Google's state-sponsored hacker alerts are outpacing last year's warnings by a big margin. Turn on multi-factor authentication, it warns.
Read More...