Cybersecurity

Threat Awareness – Microsoft and Okta Investigating Data Leaks

The cybercriminal group Lapsus$ claims to have successfully compromised Microsoft’s internal Azure DevOps server and stolen source code for Bing, Cortana virtual assistant, and other projects. Yesterday, the threat actors leaked around 40 Gb of data stolen from Microsoft and claimed to have targeted LGE corporation and identity and access management company Okta. Lapsus$ is a data extortion cyber group that compromises business networks to steal source code, customer lists, databases, and other valuable data.

Security Awareness – Emotet Impersonating IRS in New Phishing Scam

The infamous malware botnet Emotet continues to resurge and propagate through persistent scams. Recently, Emotet was observed in a campaign leveraging tax-season-themed lures and impersonating the IRS to trick victims into downloading the malicious botnet. In these new campaigns, Emotet threat actors send out supposed “tax documents” for recipients to view or fill out and return to the sender.

Indicators of Compromise Associated with AvosLocker Ransomware

The FBI and the Department of the Treasury released a joint Cybersecurity Advisory (CSA) detailing indicators of compromise associated with AvosLocker ransomware. AvosLocker operates as a Ransomware-as-a-Service (RaaS) affiliate-based group and has targeted several critical infrastructure sectors in the U.S. and across the world, including government facilities.

Ransomware Awareness – LokiLocker Ransomware

Security researchers have identified a new Ransomware-as-a-Service (RaaS) family dubbed LokiLocker that has been active in the wild since August 2021. The ransomware employs file encryption to extort its victims and data wiping capabilities that can make an infected device unusable if a victim fails to pay the ransom. To obfuscate its activities, LokiLocker displays a fake Windows Update screen and disables multiple Windows security applications. It also deletes backup files and shadow copies to prevent data recovery.

Russian State-Sponsored Actors Combine Exploits to MFA Protocols and a Known Vulnerability

Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) – Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability (AA22-074A) – to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitatio
