Title: Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes
Date Published: April 14, 2021
https://threatpost.com/microsoft-april-patch-tuesday-zero-days/165393/
Excerpt: “In all, Microsoft released patches for 110 security holes, 19 classified critical in severity and 88 considered important. The most dire of those flaws disclosed is arguably a Win32k elevation of privilege vulnerability (CVE-2021-28310) actively being exploited in the wild by the cybercriminal group BITTER APT.”
Title: Justice Department Announces Court-Authorized Effort to Disrupt Exploitation of Microsoft Exchange Server Vulnerabilities
Date Published: April 13, 2021
Excerpt: “Today’s court-authorized removal of the malicious web shells demonstrates the Department’s commitment to disrupt hacking activity using all of our legal tools, not just prosecutions,” said Assistant Attorney General John C. Demers for the Justice Department’s National Security Division. “Combined with the private sector’s and other government agencies’ efforts to date, including the release of detection tools and patches, we are together showing the strength that public-private partnership brings to our country’s cybersecurity.”
Title: Damaging Linux, macOS Malware Is Hiding in False Browserify NPM Package
Date Published: April 14, 2021
Excerpt: “The malicious package, named ‘web-browserify’ resembles the popular Browserify NPM component which has been downloaded more than 160 million times throughout its lifecycle, with over 1.3 million weekly downloads on NPM alone, being used by 356,000 GitHub repositories. Apparently, the malicious component has been downloaded around 50 times before it was removed from the NPM within two days of its publishing.”
Title: Microsoft Patches Four More Critical Exchange Server Bugs
Date Published: April 14, 2021
https://www.infosecurity-magazine.com:443/news/microsoft-patch-four-critical/
Excerpt: “Microsoft released patches for over 100 flaws for the first time this year yesterday, including one being actively exploited in the wild and four new critical Exchange Server bugs reported by the NSA. The haul of 110 CVEs will keep sysadmins busy, with experts highlighting the zero-day elevation of privilege flaw in Win32k (CVE-2021-28310) as worthy of attention.”
Title: Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits
Date Published: April 13, 2021
https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html
Excerpt: “Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with patches for two newly discovered security vulnerabilities for both of which it says exploits exist in the wild, allowing attackers to engage in active exploitation. One of the two flaws concerns an insufficient validation of untrusted input in its V8 JavaScript rendering engine (CVE-2021-21220), which was demonstrated by Dataflow Security’s Bruno Keith and Niklas Baumstark at the Pwn2Own 2021 hacking contest last week.”
Title: Behind The Capcom Ransomware Attack
Date Published: April 14, 2021
https://heimdalsecurity.com/blog/behind-the-capcom-breach/
Excerpt: “It seems that at the time of the attack, Capcom was in the process of boosting its network defenses, therefore the compromised VPN device was on its way out, but in the background of the pandemic pushing for remote work, the old VPN server continued to function as an emergency backup in case of communication problems.”
Title: COVID-Related Threats, PowerShell Attacks Lead Malware Surge
https://threatpost.com/mcafee-covid-rpowershell-malware-surge/165382/
Date Published: April 13, 2021
Excerpt: “The world – and enterprises – adjusted amidst pandemic restrictions and sustained remote challenges, while security threats continued to evolve in complexity and increase in volume,” the report said. “Though a large percentage of employees grew more proficient and productive in working remotely, enterprises endured more opportunistic COVID-19-related campaigns among a new cast of bad-actor schemes. Prominent campaigns such as Sunburst and new ransomware tactics left [security operations centers] SOCs no time to rest.”
Title: Ransomware Attack Causes Supermarket Cheese Shortage in the Netherlands
Date Published: April 12, 2021
Excerpt: “One local media report, Bakker Logistiek director Toon Verhoeven suspected the attackers might have breached the company’s systems by exploiting the recently revealed flaw in Microsoft Exchange Server. Verhoeven says that all of Bakker Logistiek’s IT systems are operational once more after six days of recovery, and that should mean that shops will begin to receive deliveries and shelves will be filled again in the coming days. The company says that it has informed the authorities about the security breach, but is neither confirming or denying whether it paid any ransom to its attackers.”
Title: FireEye: 650 New Threat Groups Were Tracked In 2020
Date Published: April 14, 2021
https://securityaffairs.co/wordpress/116813/cyber-crime/fireeye-report-650-new-threat-groups.html
Excerpt: “Since its launch, Mandiant tracked more than 2,400 threat groups, 650 of them were tracked in 2020. Over the years, the experts combined or eliminated approximately 500 groups, leaving more than 1,900 distinct groups tracked at this time (+100 compared to 2019). The threat actors tracked by Mandiant include nation-state actors, financially motivated groups, and uncategorized groups (known as UNCs).”
Title: Intelligence Report: 4 Nations Pose Serious Cyberthreat to US
Date Published: April 13, 2021
Excerpt: “Threats include disinformation campaigns that target elections and try to undermine democratic institutions as well as aggressive hacking campaigns, such as the SolarWinds supply chain attack, according to the report. In many cases, criminal gangs that maintain mutually beneficial relationships with nation-states pose a threat to the U.S., the report notes.”