ClearInfosec TIB Logo
Date:Oct 27, 2021
 
      Cyber Security News
  450 million cyberattacks attempted on Japan Olympics infrastructure: NTT
NTT said the number of attacks was 2.5x times the number of attacks seen during the 2012 London Summer Olympics.
Read More...
  Ransomware: Looking for weaknesses in your own network is key to stopping attacks
Ransomware criminals look for easy targets - knowing what could be vulnerable on your network can help stop attacks.
Read More...
  Australia launches new initiative for blocking scam government texts
2,500 scam texts were blocked in 12 months as part of the government initiative's pilot program.
Read More...
  CISA warns of remote code execution vulnerability with Discourse
Discourse released a patch for CVE-2021-41163 on Friday.
Read More...
  These ransomware criminals lost millions of dollars in payments when researchers secretly found mistakes in their code
BlackMatter ransomware had a bug that allowed cybersecurity researchers at Emsisoft to hand out decryption keys to victims -- removing the need to pay ransoms.
Read More...
  Ransomware has proliferated because its largely uncontested says GCHQ boss
Ransomware gangs are making big money today because there has been no coordinated effort to halt the profits, says Sir Jeremy Fleming.
Read More...
      Best Practices
  Detecting anomalies with TLS fingerprints could pinpoint supply chain compromises
Intrusions where hackers compromise the infrastructure of software developers and Trojanize their legitimate updates are hard to detect by users of the impac...
Read More...
  Security Teams Still Favor Prevention Over Detection
Security leaders are adopting a multilayered approach to address new security threats and risks.
Read More...
  Nearly Three-Quarters of Organizations Victimized by DNS Attacks in Past 12 Months
Response and recovery have significant impact on 58% of targeted businesses.
Read More...
  7 Ways to Lock Down Enterprise Printers
Following the PrintNightmare case, printer security has become a hot issue for security teams. Here are seven ways to keep printers secure on enterprise network...
Read More...
      New Threats and Vulnerabilities
  CVE-2021-27746
"HCL Connections Security Update for Reflected Cross-Site Scripting (XSS) Vulnerability"
Read More...
  CVE-2021-29883
IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies...
Read More...
  CVE-2021-40719
Adobe Connect version 11.2.2 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF mess...
Read More...
  CVE-2021-21703
In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as r...
Read More...
  CVE-2021-1529
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The ...
Read More...
      Patch Management
  Multiple governments involved in coordinated takedown of REvil ransomware group: Reuters
After widespread speculation, US officials reportedly worked with the private sectors and other unnamed countries to disrupt REvil's operation.
Read More...
  Google disrupts massive phishing and malware campaign
Hackers were collecting YouTubers' email addresses from their channels, phishing them with bogus business opportunities, and then hijacking their accounts.
Read More...
  TA551 Shifts Tactics to Install Sliver Red-Teaming Tool
A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.
Read More...