News – March 2023

  • NATO and European Union launch task force on resilience of critical infrastructure

    March 16, 2023

    First announced by NATO Secretary General Jens Stoltenberg and European Commission President Ursula von der Leyen in January, the initiative brings together officials from both organisations to share best practices, share situational awareness, and develop principles to improve resilience. The Task Force will begin by focusing on four sectors: energy, transport, digital infrastructure, and space. Announcing ...

  • FBI, CISA, and MS-ISAC Release #StopRansomware: LockBit 3.0

    March 16, 2023

    The Federal Bureau of Investigation (FBI), CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) has released a joint cybersecurity advisory (CSA), #StopRansomware: LockBit 3.0. This joint advisory details known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) that FBI investigations correlated with LockBit 3.0 ransomware as recently as March 2023. LockBit ...

  • Threat Actors Exploited Progress Telerik Vulnerability in U.S. Government IIS Server

    March 15, 2023

    Today, the CISA, Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server. This joint CSA provides IT infrastructure defenders with tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and methods to detect and protect ...

  • Hands up who DIDN’T exploit this years-old flaw to ransack a US govt web server…

    March 15, 2023

    Multiple criminals, including at least potentially one nation-state group, broke into a US federal government agency’s Microsoft Internet Information Services web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution. The snafu happened between November 2022 and early January, according to a joint alert from the FBI, CISA, and America’s Multi-State Information ...

  • Magniber ransomware actors used a variant of Microsoft SmartScreen bypass

    March 14, 2023

    Google’s Threat Analysis Group (TAG) recently discovered usage of an unpatched security bypass in Microsoft’s SmartScreen security feature, which financially motivated actors are using to deliver the Magniber ransomware without any security warnings. The attackers are delivering MSI files signed with an invalid but specially crafted Authenticode signature. The malformed signature causes SmartScreen to return ...

  • SAP releases security updates fixing five critical vulnerabilities

    March 14, 2023

    Software vendor SAP has released security updates for 19 vulnerabilities, five rated as critical, meaning that administrators should apply them as soon as possible to mitigate the associated risks. The flaws fixed this month impact many products, but the critical severity bugs affect SAP Business Objects Business Intelligence Platform (CMC) and SAP NetWeaver. Read more… Source: Bleeping Computer  

  • Wymondham College hit by sophisticated cyber attack

    March 14, 2023

    Wymondham College said disruption was likely to continue until the Easter holidays due to its IT system being targeted. In a message sent to students, seen by the EDP, the college apologised for disruption but said it believed there had been no data breach. Read more… Source: Wymondham Evening News  

  • UK minister asks National Cyber Security Centre to look into safety of app

    March 14, 2023

    UK security minister Tom Tugendhat has asked the National Cyber Security Centre (NCSC) to look into TikTok after governments around the world have begun banning it from their work phones. The Chinese-owned video sharing app is increasingly under the European and US microscope over security and data privacy, with concerns it could be used to promote ...

  • Microsoft fixes Windows zero-day exploited in ransomware attacks

    March 14, 2023

    Microsoft has patched another zero-day bug used by attackers to circumvent the Windows SmartScreen cloud-based anti-malware service and deploy Magniber ransomware payloads without raising any red flags. The attackers have been using malicious MSI files signed with a specially crafted Authenticode signature to exploit this security feature bypass vulnerability (tracked as CVE-2023-24880). Read more… Source: Bleeping Computer Related story: ...

  • 7th Edition Connected Banking Summit East Africa – Innovation & Excellence Awards 2023 Concludes with Resounding Success

    March 13, 2023

    The Summit brought together the best and brightest minds in the banking, financial services, fintechs and techfin sectors. The event, which took place on 7th March 2023, featured insightful speakers, award-winning companies, and top-notch sponsors. Attendees were treated to a range of informative sessions, covering topics such as digital transformation, cybersecurity, and risk management. The keynote ...

  • Cyprus: Land registry website problems due to ‘cyber attack’

    March 12, 2023

    After a “thorough evaluation of all data”, the land registry department on Sunday said the technical problem that saw it go offline since Wednesday was due to a “cyber attack” The department said that due to the nature of the problem and the size of the systems, they will be gradually restored, starting with the restoration ...

  • “Massive” cyber attack crashes African Union’s system

    March 11, 2023

    Cyber attackers prey on the African Union (AU), resulting in the unscheduled suspension of its systems. The Reporter got a copy of an internal memo that said an attack on the AU data center started last week, making services and applications unavailable. Sources say that more than 200 corrupted devices have been found and are being ...

  • What happens if you ‘cover up’ a ransomware infection? For Blackbaud, a $3m charge

    March 10, 2023

    Blackbaud has agreed to pay $3 million to settle charges that it made misleading disclosures about a 2020 ransomware infection in which crooks stole more than a million files on around 13,000 of the cloud software slinger’s customers. According to America’s financial watchdog, the SEC, Blackbaud will cough up the cash – without admitting or denying ...

  • Canada: Cyber attack hits engineering giant with contracts for military bases, power plants

    March 9, 2023

    A Canadian engineering giant whose work involves critical military, power and transportation infrastructure across the country has been hit with a ransomware attack. Toronto-based Black & McDonald has so far refused to publicly comment on the cyberattack, while the Department of National Defence and other clients of the company have downplayed any impact or damage. Read more… Source: ...

  • IceFire ransomware now encrypts both Linux and Windows systems

    March 9, 2023

    Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs security researchers found that the gang has breached the networks of several media and entertainment organizations around the world in recent weeks, starting mid-February, according to a report shared in advance with BleepingComputer. Read more… Source: Bleeping Computer