Tag Archive: "vulnerability"
-
Discord Users Beware of Server Hijacks
Users of the popular messaging platform Discord have been targeted recently with threat actors hijacking servers and stealing assets. This has been particularly problematic in the Non-Fungible Token (NFT) space where CLA’s incident response team has recently responded to a rash of NFT’s being compromised resulting in tremendous losses. These compromises have allowed threat actors to use legitimate accounts to announce fake drops or links, where participating victims end up losing assets in fake transactions. To evade detection, sometimes these announcements are made via direct message (DM) so others cannot see what is happening.
-
FBI-Ransomware Impacting Local Governments
The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) last week related to new and evolving cybersecurity threats. In particular, the FBI confirmed that ransomware attacks have been specifically targeted against local government entities. The impact could be “significant due to the Public’s dependency on critical utilities, emergency services, educational facilities and other services overseen by local government”.
-
Cybersecurity & Infrastructure Security Agency (CISA) Malware Alert (AA22 054A)
“Sandworm”, a Russian state-backed hacker group within the GRU (Russian military intelligence organization) has released new malware called ‘Cyclops Blink’….’Cyclops Blink’ can lead to a complete network compromise, by allowing attackers to gain access to the external perimeter firewall.
-
How the Events in Ukraine Could Impact U.S. Businesses
As we watch history unfold in the Ukraine, it’s important to think about how these events can impact you and your business. One way in which you could be impacted is by a cyber-attack. The Russian government has used cyber as a key component of their force projection over the last decade. The last week has seen an unprecedented level of disruptive activity including activation of the new “HermeticWiper” malware attack discovered on February 23. While these attacks are currently focused outside the US, it is generally believed that sanctions imposing on Russia by Ukraine’s western allies, including the United States may cause retaliatory cyber-attacks here in our homeland.
-
Ransomware? – Tips to Mitigate Against Ransomware
I presume that you are also aware of the most recent attack on one of the nation’s largest pipelines that carries gas from Texas to New York. This was also as a result of ransomware. On May 13, 2021 the National Institute of Standards and Technology (NIST) released some tips and tricks for dealing with ransomware.
-
CLA Cybersecurity Alert: Microsoft Email Server Attack Update
On March 2, Microsoft first announced a series of vulnerabilities that enabled hackers to break into the company’s Exchange email, calendar programs, and in some cases integrated voice messaging. China — among others — has allegedly used this vulnerability to spy on a wide range of industries in the United States ranging from medical research to law firms to defense contractors.
-
SolarWinds Orion Vulnerability
SolarWinds, a popular software company used by organizations big and small, was the target of an advanced cyber attack that allowed fraudsters to implant a backdoor in one of their popular software products.