The FreakOut botnet is targeting Linux-based systems that include the TerraMaster operating system, which manages TerraMaster network-attached storage servers; the Zend framework, designed to build web application services using PHP; and Liferay Portal, a web application platform that enables users to create portals and websites.
Each of these open-source systems has a vulnerability that the FreakOut botnet attempts to exploit, the researchers say. In the TerraMaster OS, the remote code execution flaw is tracked as CVE-2020-28188. The Zend framework deserialization bug is listed as CVE-2021-3007. And the deserialization vulnerability within the Liferay Portal is CVE-2020-7961.
Researchers urge users to patch these flaws to keep their devices from being recruited into the botnet army.
InfoRiskToday
May 5, 2021
Compliance
euroinfosec) • January 15, 2021
Capitol riot suspect Aaron Mostofsky (Source: New York Post, as cited in criminal complaint)
Many of the insurrectionists who marched on the Capitol on Jan. 6 and violently forced their way into the building livestreamed their activities or boasted about them via social media. So far, those self-identifying actions have helped law enforcement authorities identify some of the more than than 70 individuals charged.
The riot, which occurred as lawmakers were beginning to certify President-elect Joe Biden s Electoral College victory, led to the death of five individuals, including one Capitol police officer who authorities say was hit with a fire extinguisher. Dozens more individuals were injured, and lawmakers and their staff hid around the building to avoid the intruders, some of whom were carrying firearms and zip ties.
BankInfoSecurity
May 5, 2021
DougOlenick) • January 14, 2021 Get Permission
The Conti news website where the ransomware gang posts exfiltrated data in an attempt to extort victims to pay a ransom (Source: Cybereason)
Conti ransomware, which emerged eight months ago, poses a severe threat, according to Cybereason’s Nocturnus Team, which offers an in-depth analysis of how the malware works.
The malware is known for how fast it’s being updated, its ability to quickly encrypt a system and its auto-spreading functionality, according to the report.
Cybereason researcher Lior Rochberger says the actors behind Conti have released three versions of the malware since it burst onto the scene in May 2020, improving its effectiveness with each new variant.
Get Permission
Microsoft says it has removed malware related to an expansive hacking campaign that has ensnared thousands of organizations and U.S. government agencies.
Microsoft’s disclosure comes as the devastating scope of the campaign grew on Thursday, with a fresh U.S. government warning that the recently discovered supply chain compromise may not be the only way a hacking group is infiltrating organizations.
Microsoft says it found malicious binaries that came from SolarWinds, the Austin-based company whose software supply chain was infiltrated by a hacking group.
Reuters, which was first to report Microsoft was affected, says that Microsoft “also had its own products leveraged to further the attacks on others,” citing anonymous sources.
Get Permission
Microsoft says it has removed malware related to an expansive hacking campaign that has ensnared thousands of organizations and U.S. government agencies.
Microsoft’s disclosure comes as the devastating scope of the campaign grew on Thursday, with a fresh U.S. government warning that the recently discovered supply chain compromise may not be the only way a hacking group is infiltrating organizations.
Microsoft says it found malicious binaries that came from SolarWinds, the Austin-based company whose software supply chain was infiltrated by a hacking group.
Reuters, which was first to report Microsoft was affected, says that Microsoft “also had its own products leveraged to further the attacks on others,” citing anonymous sources.