Adventures of ransomware, and other developments in cybercrime. Cyberespionage and hybrid warfare. A government shutdown averted. Cybersecurity Awareness Month is underway.
Double-tapping ransomware hits the same victim twice. Exim mail servers are found exposed to attack. Iran's OilRig deploys Menorah malware against Saudi targets. North Korea's Lazarus Group targets a Spanish aerospace firm. Update your ransomware scorecards: LostTrust is a rebrand of MetaEncryptor. Increased domestic surveillance in Russia, done partly so propaganda can be more effectively targeted. Killnet claims to have hit the British Royal family with a DDoS attack. Michael Denning, CEO at SecureG for Blu Ventures, shares developments in zero trust as a part of our Industry Voices segment. Rob Boyce from Accenture Security talks about Dark Web threat actors targeting macOS. And Cybersecurity Awareness Month begins this week.
A still unpatched 0-day RCE impacts more than 3.5M Exim servers (Security Affairs)
New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks (The Hacker News)
APT34 deploys new Menorah malware in targeted phishing attack (Candid.Technology)
APT34 Deploys Phishing Attack With New Malware (Trend Micro)
Iranian APT Group OilRig Using New Menorah Malware for Covert Operations (The Hacker News)
North Korean Lazarus targeted a Spanish aerospace company (Security Affairs)
Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang (BleepingComputer)
Ukraine at D+585: Trench fighting in the south. (CyberWire)
Royal family website hit by cyber attack (The Independent)