Cyber Security Today, Sept. 29, 2021 – A new ransomware gang pops up, another open database found, Nobelium has a new hacking tool and more

Welcome to Cyber Security Today. It’s Wednesday September 29th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.

A new ransomware strain has been discovered. Given the nickname Colossus by researchers at ZeroFox, the threat actor claims it has already victimized an American firm that owns several car dealerships. The attacker is threatening to make public 200 GB of stolen data unless the company pays $400,000. That ransom will go up the longer the company waits.

As always, the best ways to defend against ransomware – and any cyber attack – include making sure corporate antivirus and intrusion detection software are up to date, enabling multifactor authentication for all employees and contractors, restricting access to sensitive data to only those who need it, and segmenting network resources so ransomware can’t spread across different systems.

Another person has apparently been careless with a corporate database. This time the company involved runs the children’s book website called FarFaria. Security researcher Bob Diachenko at Comparitech discovered an open database belonging to the site with information on almost three million users, such as their email addresses, login authentication tokens and other data. When Diachenko alerted the company, access to the database was restricted. Often the cause of such incidents is a user not properly configuring the database for security.

Attention administrators of the on-premises version of Microsoft Exchange email server: Microsoft has added a new feature in the September cumulative update to help improve security. Called the Emergency Mitigation service, it automatically applies mitigations created by Microsoft to Exchange. Mitigations are temporary fixes for issues until a security update can be installed. While the Emergency Mitigation service is installed automatically with the September cumulative update, it can be turned off if the admin prefers to use the identical but cloud-based Exchange On-premises Mitigation Tool.

Microsoft has also discovered that the threat actor behind the SolarWinds attack, which it calls Nobelium, has a new tool in its arsenal. It’s another backdoor into IT systems. Its goal is to steal the configuration database of a compromised Active Directory Federation Services server. The directory would have all of the usernames and passwords of employees. It’s vital that Windows administrators audit their on-premises and cloud infrastructure to make sure they haven’t been compromised. There’s a link to the detailed report here.

Another report this week again warns software developers of the dangers of writing unsafe applications. Palo Alto Networks says when it was hired to test a large, unnamed software-as-a-service provider it found lots of misconfigurations. In fact it took only one researcher three days to find critical software development flaws that could have led to a successful cyber attack. The lesson is cloud applications can be just as vulnerable as on-premise software to what are called supply chain attacks that insert bad code or flaws. These problems can range from using flawed frameworks to bad open-source code. DevOps and security teams must gain visibility into the bill of materials in every cloud workload before final code is approved, says the report.

Finally, last week I reported that a Canadian-based voice over IP phone provider had been badly hit by a distributed denial of service attack. This week’s victim is a U.S.-based VoIP and messaging provider called Bandwidth.com. Its service is used by other VoIP providers. By Tuesday Bandwidth.com said it had mitigated much of the attack. But hackers appear to have realized that VoIP providers, as well as internet providers, are vulnerable to DDoS attacks.

That’s it for now. Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.
