Author: DEFENDEDGE

  • REvil Was Behind JBS Cyberattack

    JBS, the world’s largest meat processing company, based in Brazil, has fallen victim to a Russian-speaking gang, REvil. They have made some of the largest ransomware demands on record. The attack targeted servers supporting JBS’s operation in North America and Australia. Backup servers weren’t affected and the company stated that it is not aware of… Read more

  • Cisco Smart Switches Riddled with Severe Security Holes

    The intro-level networking gear for SMBs could allow remote attacks designed to steal information, drop malware and disrupt operations. Read more

  • Ransomware Attacks

    Within the past year, several known threat actors have been actively employing ransomware by exploiting vulnerabilities to cause massive disruptions in major industries and gain huge monetary value. According to the Cybersecurity and Infrastructure Security Agency (CISA), ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that… Read more

  • Takeaways from the Colonial Pipeline Ransomware Attack

    The incident showcases basic steps that organizations can take to protect themselves as ransomware gangs get smarter. Read more

  • Millions of Connected Cameras Open to Eavesdropping

    A supply-chain component lays open camera feeds to remote attackers thanks to a critical security vulnerability. Read more

  • Peloton Bike+ Bug Gives Hackers Complete Control

    An attacker with initial physical access (say, at a gym) could gain root entry to the interactive tablet, making for a bevy of remote attack scenarios. Read more

  • Apple Releases Security Updates for iOS 12.5.4

    Original release date: June 15, 2021 Apple has released security updates to address vulnerabilities in iOS 12.5.4. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary updates. This product is provided subject to this Notification and this… Read more

  • Apple Hurries Patches for Safari Bugs Under Active Attack

    Apple patched two bugs impacting its Safari browser WebKit engine that it said are actively being exploited. Read more

  • Microsoft Teams: Very Bad Tabs Could Have Led to BEC

    Attackers could have used the bug to get read/write privileges for a victim user’s email, Teams chats, OneDrive, Sharepoint and loads of other services. Read more

  • Vulnerability Summary for the Week of June 7, 2021

    Original release date: June 14, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info aomedia — aomedia aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. 2021-06-04 7.5 CVE-2021-30475 MISC MISC broadcom — sannav Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make… Read more