US Cyber Command says foreign hackers will most likely exploit new PAN-OS security bug

A major security vulnerability was discovered in Pan-OS, the operating system of Palo Alto Network’s firewalls and VPN appliances. This vulnerability is rated 10 out of 10, the most serious category. This score means it can be exploited remotely and by people without deep technical skills. Once exploited, it allows attackers to go around authentication protections. US Cyber Command warned that there is a high probability that nation state attackers will take advantage of it.  

 

https://www.zdnet.com/article/us-cyber-command-says-foreign-hackers-will-most-likely-exploit-new-pan-os-security-bug/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=12904906&cid=2201587059

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.


US Cyber Command says foreign hackers will most likely exploit new PAN-OS security bug

A major security vulnerability was discovered in Pan-OS, the operating system of Palo Alto Network’s firewalls and VPN appliances. This vulnerability is rated 10 out of 10 meaning the most serious category. This score means it can be exploited remotely and by people without deep technical skills. Once exploited, it allows attackers to go around authentication protections. US Cyber Command warned that there is a high probability that nation state attackers will take advantage of it.  

 

https://www.zdnet.com/article/us-cyber-command-says-foreign-hackers-will-most-likely-exploit-new-pan-os-security-bug/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=12904906&cid=2201587059

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.


80000 Printers Are Exposing There IPP Port Online

Sadly, many printers are not securing critical information from prying eyes. IPP is the Internet Printer Protocol that is used for managing printers. It also provides a number of additional features including secure communications. But there is a big difference between having a feature and using the feature. If the proper security isn’t used the features of this protocol allow cyber criminals to get information that can be used in attacks.  

 

https://www.zdnet.com/article/80000-printers-are-exposing-their-ipp-port-online/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=12892891&cid=2201587059

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

 


Separate Phishing Attacks Target Wells Fargo and BofA Customers

Two phishing campaigns have been discovered that employ different lures but are still effective at trapping people. One goes after Bank of America customers, but only a specific subset. The attack bypasses security blocks. The other one is larger and goes after Wells Fargo customers by posing as the Wells security department and providing a message telling people that their account will be locked if their security credentials aren’t updated. 

 

https://www.bankinfosecurity.com/separate-phishing-attacks-target-wells-fargo-bofa-customers-a-14478?rf=2020-06-23_ENEWS_SUB_BIS__Slot1_ART14478&mkt_tok=eyJpIjoiTldZd1lqWXdOV1l5T1dFNSIsInQiOiJmSld1eUFZXC9VYWsrblc0aCswYm9xUFZLY2NNK1hLRlQ3SEN5UVV0SW92eXFhOFdGcHQrRndvdndrNHl1NENaSU1BZitCcHBxM0RqaG9wM1pmeFFLTTM2OTRwcUFRenI5clErZm1Ea0laanVcL1FIVVJ1V0F0OTVCTTdJQlNqdndoIn0%3D

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

 


New Evilquest Ransomware Discovered Targeting MacOS

A new type of ransomware was found this week that targeted MacOS. This is not the first but what differentiates this one is that in addition to encrypting the files, it sets up a keylogger, attacks crypto-wallets for their cryptocurrency and initiates a reverse shell. So even if the ransom is paid, the MacOS is still infected with multiple types of malware allowing theft of data. 

 

https://www.zdnet.com/article/new-evilquest-ransomware-discovered-targeting-macos-users/?ftag=TREc64629f&bhid=29017885593246285133005340243949&mid=12905556&cid=2201587059

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.


Nefilim Ransomware Gang Tied to Citrix Gateway Hacks

A ransomware gang has been targeting Citrix gateways. This is especially risky these days with some many people working remotely and accessing company networks through the Citrix gateways. 

 

https://www.databreachtoday.com/nefilim-ransomware-gang-tied-to-citrix-gateway-hacks-a-14480?rf=2020-06-23_ENEWS_SUB_DBT__Slot1_ART14480&mkt_tok=eyJpIjoiTm1Ga1pEVTRZbU0yWkdFeiIsInQiOiJBeHh5a2Y2Y0VQdTc2NFkzOG9oQjhBU1o3aXlTN2hWZ2pCNW9semJIYWoxRkJFWHAyS25lQTlvY004TzQzUUlWXC9OMDdYWlwvb2xGck9kMHl4bWtuVXZrRHZPXC9ZeXRvMnp2Q3Q4ZXVKTG9pK253M0daUnVnQUFOSGgyWUs4NXlEaSJ9

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.


New Wastedlocker Ransomware Demands Payments of Millions of USD

A gang of successful cyber criminals that has been operating since 2007 has returned with a new strain of ransomware. The group’s activity slowed when the Department of Justice charged a number of their members with crimes. Sadly this only slowed their activity for a short period and now they are back.  

 

https://www.zdnet.com/article/new-wastedlocker-ransomware-demands-payments-of-millions-of-usd/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=12892891&cid=2201587059

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.


FBI Warns of Increasing Use of Trojans in Banking Apps

Mobile banking has been growing in use, especially in light of the pandemic and social distancing recommendation.  Sadly, this also means it has gotten cyber criminal’s attention as a new way to steal information. 

 

https://www.bankinfosecurity.com/fbi-warns-increasing-use-trojans-in-banking-apps-a-14419?rf=2020-06-12_ENEWS_SUB_BIS__Slot1_ART14419&mkt_tok=eyJpIjoiTkRFMk9UZ3dabVk1T1RReSIsInQiOiJ3OEswaERvUUpEbmFRN2NKWkVaS2oyUjFTTngrdzBTcjFIOUhCMjhtRytPUTVpd2FCWWFVQ3k4bGQxc05iYUtnOEtFVVBLdEJJdCtkemZnOXBKQUcwNjZpdG5KVjJKbndvQlNcL0FwOHAzWWZvZW1IaXFZTE1jdDRBQXQ0TjN4RVwvIn0%3D

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.


Watch Out: There's A Big Black Lives Matter Scam About

Anything that attracts people’s attention is being used by cyber criminals in their attempts to steal information. Covid-19 became a hot topic and now it is Black Lives Matter. 

 

https://www.forbes.com/sites/thomasbrewster/2020/06/11/watch-out-theres-a-big-black-lives-matter-scam-about/?utm_source=newsletter&utm_medium=email&utm_campaign=dailydozen&cdlcid=5d127e491802c8c5242fe4dc#32291dfc62d8

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.


Honda Hit By Cyberattack That Impacted Its Global Operations

Honda’s financial and customer service were unavailable due to a cyberattack. Ransomware is the suspected culprit. 

 

https://www.techrepublic.com/article/honda-hit-by-cyberattack-that-impacted-its-global-operations/?ftag=TREa988f1c&bhid=29017885593246285133005340243949&mid=12874059&cid=2259448332

 

If clicking the link does not take you to the proper page, copy and paste the link into your browser.