Avaddon Ransomware Gang Shuts Down Operation and Releases Decryption Keys
Jun 14

Avaddon ransomware is no more. The operation has been shut down and decryptors have been released that allow victims to recover their files free of charge. On June 11, 2021, Bleeping Computer received an anonymous tip which appeared to have come from the FBI and included a link to a password-protected ZIP file and a password. The file included 2,934 decryption keys for Avaddon ransomware – all outstanding victims that have not yet...

SonicWall VPN Vulnerability Exploited in Attacks on Legacy SRA Appliances
Jun 11

Researchers at CrowdStrike have confirmed that cyber threat actors are exploiting a SonicWall VPN vulnerability to attack Secure Remote Access (SRA) 4600 devices. The vulnerability, tracked as CVE-2019-7481, is not new. The bug was identified in 2019 and a patch was released to correct the flaw; however, the patch was only partially effective and did not fix the firmware bug on legacy SonicWall SRA 4600 VPN devices. Proof-of-concept exploit...

Alleged TrickBot Malware Developer Facing Decades in Jail
Jun 10

The U.S. Department of Justice has announced a Latvian malware developer has been arraigned on a 19-count indictment for her role in the creation and operation of the TrickBot Trojan. The TrickBot Trojan first appeared in 2016 and was initially a banking Trojan used to steal bank account credentials; however, the malware has undergone significant development since and has had many more features added. Latterly, the malware has been...

New Malware Discovered Targeting Windows Containers to Plant Backdoors in Kubernetes Clusters
Jun 09

A new malware variant has been discovered that is believed to be the first to target Windows containers. The malware, discovered by Daniel Prizmant of Palo Alto Networks’ Unit 42 team, has been dubbed Siloscape and is capable of breaking out of Windows containers and compromising Kubernetes clusters to plant backdoors and raid nodes for credential theft. Kubernetes is used to automate the deployment, scaling, and management of...

Microsoft Patches 41 Vulnerabilities, Including 5 Critical Flaws and 7 Zero-Days
Jun 08

June 2021 Patch Tuesday has seen Microsoft release patches to correct 50 vulnerabilities across its range of products, including 7 zero-day vulnerabilities. Five vulnerabilities are rated critical and 45 have been rated important. 6 of the zero-day vulnerabilities patched this week are known to have been exploited in the wild. While these flaws have been exploited, all have been rated important. These are: CVE-2021-31199 –...
