Malaysian authorities crush 1,069 crypto mining rigs with a steamroller
— Read on www.engadget.com/malaysia-crush-1069-crypto-mining-rigs-steamroller-131251559.html
Author Archives: mlmcadams
Now HelloKitty Ransomware Targets VMware Servers
“Linux version of HelloKitty ransomware targets VMware ESXi servers” via Lawrence Abrams | Bleeping Computer
“The ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware’s ESXi virtual machine platform for maximum damage.
As the enterprise increasingly moves to virtual machines for easier backup and resource management, ransomware gangs are evolving their tactics to create Linux encryptors that target”…
More detail: https://www.bleepingcomputer.com/news/security/linux-version-of-hellokitty-ransomware-targets-vmware-esxi-servers/
Large Reward Offered for Ransomware Attackers
“US offers $10 million reward in hunt for state-sponsored ransomware attackers” via Graham Cluley | State of Security
Singapore Invests in Advancement of A.I. and Cybersecurity Research
“Singapore is launching a $50 million program to advance research on AI and cybersecurity” via Saheli Roy Choudhury | CNBC
“SINGAPORE — Singapore plans to invest $50 million in a program to support research on AI and cybersecurity for future communications structures, Deputy Prime Minister Heng Swee Keat announced on Tuesday.
As part of the Future Communications Research & Development Programme, Singapore plans to set up new communications testbeds in 5G and beyond-5G, support technology development, and build up a…”
More detail: https://www.cnbc.com/2021/07/13/singapore-to-launch-50-million-program-in-ai-cybersecurity-research-for-5g.html
Raid on Illegal Cryptomining Operation Seized Thousands of PS4s
“Thousands of PS4s seized in Ukraine in illegal cryptocurrency mining sting” via Charlie Osborne | ZDNet
“Thousands of PlayStation 4 gaming consoles have been seized after their discovery in an old warehouse, used to illicitly mine for cryptocurrency.
Ukraine’s Security Service said last week that in the city of Vinnytsia, located along the Southern Bug river, there was an abandoned warehouse in its industrial area that once belonged to…”
More detail: https://www.zdnet.com/article/thousands-of-ps4s-seized-in-ukraine-in-illegal-cryptocurrency-mining-sting/
0-Day Used Against Orgs by Cyber Threat Group
“Hackers used SolarWinds zero-day bug to target US Defense orgs” via Lawrence Abrams | Bleeping Computer
“China-based hackers actively target US defense and software companies using a vulnerability in the SolarWinds Serv-U FTP server.
Today, SolarWinds released a security update for a zero-day vulnerability in Serv-U FTP servers that allow remote code execution when SSH is enabled.
According to SolarWinds, this vulnerability was disclosed to Microsoft, who saw a threat actor actively exploiting the vulnerability to execute commands on vulnerable customer’s devices.”
More detail: https://www.bleepingcomputer.com/news/microsoft/hackers-used-solarwinds-zero-day-bug-to-target-us-defense-orgs/
RiskIQ to be Acquired by Microsoft
“Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work” via Emma Jones | Microsoft Security Blog
“Organizations are increasingly using the cloud to reimagine every facet of their business. Hybrid work has accelerated this digital transformation, and customers are challenged with the increasing sophistication and frequency of cyberattacks. Today, Microsoft is announcing that we have entered into a definitive agreement to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to help our shared customers build a more comprehensive view of the global threats to their businesses, better understand vulnerable internet-facing assets, and build world-class threat intelligence.”
25 Didi Apps Removed after Investigation Launch
“China to remove 25 Didi apps from store as crackdown intensifies” via Reuters
“administration on Friday said it would remove 25 mobile apps operated by Didi Global Inc from app stores as the government stepped up a crackdown on the ride-hailing giant.
The apps in question used data that was illegally collected by Didi and include those for its delivery service, camera device and finance services, the Cyberspace Administration of China said in a statement.”
More detail: https://finance.yahoo.com/amphtml/news/china-cyberspace-administration-says-remove-142715192.html
Complex Social Engineering Targeted by New Framework
“New Framework Aims to Describe & Address Complex Social Engineering Attacks” via Kelly Sheridan | Dark Reading
“Deepfake and related synthetic media technologies have helped attackers develop ever-more-realistic social engineering attacks in recent years, putting pressure on defenders to change the strategies they use to detect and address them.
The FBI warned synthetic media will play a greater role in cyberattacks in March, when officials predicted “malicious actors almost certainly will leverage synthetic content for cyber and foreign influence operations in the next 12-18 months.” Some criminals have already started: in 2019, attackers used artificial intelligence-based software to impersonate the voice of a chief executive and in doing so, facilitate a transfer of $243,000 USD from the target organization.”
More detail: https://beta.darkreading.com/threat-intelligence/new-framework-aims-to-describe-address-complex-social-engineering-attacks
Remote Work Monitoring and Privacy
Found this great article detailing privacy and remote work:
“Remote Workforce Monitoring Brings Up Privacy Concerns” via Security Boulevard
“The pandemic paved the way for expanded remote work possibilities, but companies looking to ensure employees remain on the job while at home have led some to consider technologies to digitally monitor worker activity, in some cases through AI.
Those initiatives come laden with thorny privacy concerns, legal landmines and, more than likely, stiff resistance from employees themselves—a recent report from IT research firm Gartner indicates 10% of workers would try to trick AI-driven tracking systems.”
More detail: https://securityboulevard.com/2021/07/remote-workforce-monitoring-brings-up-privacy-concerns/