News – June 2021


  • CVE-2021-31181: Microsoft Sharepoint Webpart Interpretation Conflict Remote Code Execution Vulnerability

    June 2, 2021

    In May of 2021, Microsoft released a patch to correct CVE-2021-31181 – a remote code execution bug in the supported versions of Microsoft SharePoint Server. This bug was reported to the ZDI program by an anonymous researcher and is also known as ZDI-21-573. This blog takes a deeper look at the root cause of this ...

  • Banking Attacks Surge Along with Post-COVID Economy

    June 2, 2021

    For many, COVID-19 has been a crushing catastrophe. But for bank scammers, it’s shaped up to be a nice little money-making opportunity. As the post-pandemic economy roars back to life, cybercriminals are using a new whirlwind of transactions as cover to launch an extraordinary number of bank fraud attacks. In just the past quarter, the number ...

  • Russian underground forums launch competitions for cryptocurrency, NFT hacks

    June 2, 2021

    Cybercriminals in underground forums have been soliciting techniques for compromising cryptocurrency services. Capture the Flag competitions, conference calls for papers, and gamification in cybersecurity courses designed to equip learners with hands-on skills are all common in the white hat realm, but in opposition, contests are also being launched by cybercriminals to create new offensive techniques. Read more… Source: ...

  • This is how attackers bypass Microsoft’s AMSI anti-malware scanning protection

    June 2, 2021

    In an investigation into techniques used to either avoid or disable AMSI, Sophos researchers said on Wednesday that threat actors will try everything from living-off-the-land tactics to fileless attacks. Perhaps the opportunities AMSI bypass represents were highlighted in a tweet by security expert Matt Graeber in 2016, in which Sophos says a single line of code ...

  • Australian Cyber Security Centre using classified capabilities to warn local entities of impending ransomware hit

    June 2, 2021

    While the Australian Cyber Security Centre (ACSC) is engaged in helping a local organisation remove and recover from a ransomware hit or cyber attack, its overseer, the Australian Signals Directorate (ASD) is able to use its more secretive powers to find out if any other organisations are on the attackers hit list. Speaking about the attack ...

  • US seizes domains used by APT29 in recent USAID phishing attacks

    June 1, 2021

    The US Department of Justice has seized two Internet domains used in recent phishing attacks impersonating the U.S. Agency for International Development (USAID) to distribute malware and gain access to internal networks. The two domains seized by the DOJ are theyardservicecom and were used to receive data exfiltrated from victims of the targeted phishing ...

  • ICT SPRING 2021: physical edition to reconnect to business

    June 1, 2021

    The international tech summit will take place next September 14-15, 2021 Press Release Luxembourg, June 1st, 2021 – Next September 14th and 15th, more than 100 international experts will participate in a new edition of ICT Spring, the renowned tech summit. The event, organized since 2010, will take place at the European Convention Center Luxembourg, at the ...

  • Cyber-Insurance Fuels Ransomware Payment Surge

    June 1, 2021

    Ransomware victims are increasingly falling back on their cyber-insurance providers to pay the ransom when they’re hit with an extortion cyberattack. But security researchers warn that this approach can quickly become problematic. In the first half of 2020, ransomware attacks accounted for 41 percent of the total number of filed cyber-insurance claims, according to a Cyber Claims Insurance ...