Week in review: HiveNightmare on Windows 10, Kaseya obtains REvil decryptor

Here’s an overview of some of last week’s most interesting news and articles:

Kaseya obtains universal REvil decryptor
There’s finally some good news for the MSPs and their customers that have been hit by the REvil ransomware gang via compromised Kaseya VSA software: a universal decryptor has made it available to affected organizations.

DDoS attacks are up, with ever-greater network impact
With an overall rise in available network capacity, cyber criminals are increasingly targeting their victims with high intensity attacks, rather than simply congesting client links.

MITRE Engenuity launches ATT&CK Evaluations for ICS
ATT&CK for ICS provides a common language to describe the tactics and techniques that cyber adversaries use when attacking the systems that operate some of the nation’s most critical infrastructures, including energy transmission and distribution plants, oil refineries, wastewater treatment facilities, and more.

Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)
A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been unearthed by researchers.

Bug hunters asked to probe Microsoft Teams mobile apps, can earn up to $30k
Microsoft is looking for reports about vulnerabilities of Critical or Important severity reproducible on a fully patched operating system (iOS or Android) and the latest version of the corresponding Microsoft Teams mobile application.

Easily exploitable, unpatched Windows privilege escalation flaw revealed (CVE-2021-36934)
A researcher has unearthed an easily exploitable vulnerability (CVE-2021-36934) in Windows 10 that may allow local non-administrative users to gain administrative-level privileges. Several Windows Server versions are also vulnerable. A zero-day PoC exploit has been released.

IoT malware attacks rose 700% during the pandemic
Zscaler released a study examining the state of IoT devices left on corporate networks during a time when businesses were forced to move to a remote working environment.

40% fell victim to a phishing attack in the past month
Nearly three-quarters (74%) of respondents said their organizations have fallen victim to a phishing attack in the last year, with 40% confirming they have experienced one in the last month.

How do I select a data recovery solution for my business?
To select a suitable data recovery solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Protect your smartphone from radio-based attacks
Smartphones contain a plethora of radios – typically cellular, Wi-Fi, Bluetooth and Near Field Communication (NFC) – that enable wireless communication in a variety of circumstances, and these radios are designed to remain turned on as the user moves through the world. It’s important for all smartphone users to understand the security implications of these wireless interfaces.

There are new unpatched bugs in Windows Print Spooler
Security researchers have unearthed new elevation of privilege (EoP) bugs in Windows Print Spooler, one of the oldest Windows components.

Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)
A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, Fortinet has warned.

Asset inventory management: What’s the ROI?
Asset inventory management is critical to any company’s planning and accounting process.

A unified approach is the future of data backup
Though disaster recovery and backup solutions have always been critical components for any business, the pandemic put a spotlight on the many threats to data today.

Combating deepfakes: How we can future-proof our biometric identities
How worried should we be about deepfakes? What sort of threat do they pose to digital ID verification and the biometric technology that we are becoming so reliant on, and are there ways to combat the threat?

Is differential privacy the ideal privacy-enhancing computation technique for your business?
Let’s explore some of the challenges and opportunities of integrating privacy-enhancing computation capabilities into operations, with special attention on differential privacy.

Vaccinate your data: Addressing and adapting to new data risks
As hybrid working becomes the norm and data sets inevitably continue to grow, data privacy, compliance and protection officers need to ensure they are fully immunized against new data risks to keep the trust of their employees, partners, and customers alike.

Questions that help CISOs and boards have each other’s back
Boards of directors and executives seem increasingly interested in understanding their companies’ security posture. This interest presents an opportunity for security teams.

Product showcase: Action1 RMM
Action1 RMM is a cloud-native, all-in-one solution that provides visibility and control over all your endpoints from one web-based console. It is free for organizations with up to 50 endpoints, without limitations or hidden costs.

New infosec products of the week: July 23, 2021
A rundown of infosec products released last week.

More about

Don't miss