FBI: Ransomware gang breached 52 US critical infrastructure orgs

The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors. This was revealed in a joint TLP:WHITE flash alert published on Monday in coordination with the Cybersecurity and Infrastructure Security Agency. By Sergiu Gatlan I March 7, 2022 Read More

China-linked APT41 Targeting U.S. State Governments by Exploiting Flaws in Web Applications

In this blog post, we detail APT41’s persistent effort that allowed them to successfully compromise at least six U.S. state government networks by exploiting vulnerable Internet-facing web applications, including using a zero-day vulnerability in the USAHerds application (CVE-2021-44207) as well as the now-infamous zero-day in Log4j (CVE-2021-44228). While the overall goals of APT41's campaign remain unknown, our investigations into each of these intrusions have revealed a variety of new techniques, malware variants, evasion methods, and capabilities. By Rufus Brown I March 8, 2022 Read More

NVIDIA's Code Signing Certificates Stolen and Abused in Attacks

Cybercriminals were found using stolen NVIDIA code signing certificates to sign malicious programs. They do so to appear legitimate to security systems, which eventually allows the loading of malicious drivers in Windows. By Cyware Alerts I March 10, 2022 Read More