Tag Archive for: installations

Cuba ransomware gang looking for unpatched Veeam installations: Report


The Cuba ransomware gang has tweaked its attack strategy to go after IT environments that haven’t patched a recently discovered vulnerability in Veeam Software’s backup solutions.

Usually the gang exploits the three-year-old Windows Server Netlogon vulnerability (CVE-2020-1472) known as Zerologon, BlackBerry said in a report Thursday. However, an analysis of a series of attacks in June, including attacks on a critical infrastructure organization in the United States and an IT integrator in Latin America, shows the gang is now also targeting the Veeam CVE-2023-27532 vulnerability.

Other researchers call the strain of ransomware used by this group Colddraw or Fidel. It first appeared in 2019 and, according to BlackBerry, has built up a relatively small but carefully selected list of victims in the years since. As of August 2022, the group had compromised 101 organizations, 65 of them in the United States.

Based on strings analysis of the code used in the most recent campaign, BlackBerry found indications that the developer behind Cuba ransomware is Russian-speaking. That theory is further strengthened, the report says, by the fact that the ransomware automatically terminates its own execution on hosts that are set to the Russian language, or on those that have the Russian keyboard layout present.

IT defenders should also note that, in this particular campaign, the Cuba gang somehow got hold of an organization’s administrator credentials. The attackers logged in directly through Windows Remote Desktop Protocol (RDP). There was no evidence of previous invalid login attempts, or evidence of techniques such as brute-forcing or exploitation of vulnerabilities. This means, BlackBerry concluded, that the attacker likely obtained the valid credentials via some other method.

Cuba’s toolkit consists of various custom and off-the-shelf parts. These include what BlackBerry calls BugHatch, a lightweight custom downloader likely developed by the Cuba ransomware members, as it has only been seen operated by them in the wild. It establishes a connection to a command-and-control server and downloads a payload of the attacker’s choosing, typically small PE files or PowerShell scripts. BugHatch can…


Bluetooth Key Installations Soared by 244%


DUBLIN, June 1, 2021 /PRNewswire/ — The “China Digital Vehicle Key Industry Report, 2020” report has been added to ResearchAndMarkets.com’s offering.

Bluetooth Key Installations Soared by 244% in the First Seven Months of 2020

Our Digital Vehicle Key Industry Report, 2020 sorts out current digital key solutions and development trends.

In an era of intelligent vehicles, the key has become a digital feature and is no longer what it used to be. Terminals like smartphones, smart watches and smart bracelets have become carriers of vehicle keys, making people’s lives more convenient and creating more room for digital car life.

Key Trends

An installation rate below 5% leaves room for rapid adoption

The digital key has three technology routes: Bluetooth Low Energy (BLE), Near Field Communication (NFC) and Ultra-wideband (UWB). Yet the overall installation rate is below 5%. Of the three, the Bluetooth key is the most widely used.

In the first seven months of 2020, Bluetooth keys were installed on roughly 220,000 passenger cars in China, a like-for-like jump of 244%, for an installation rate of 3.3%, 1.6 percentage points higher than in the prior-year period. Despite low installation in both volume and rate, the Bluetooth key is growing fast.

Apart from car lock/unlock and start-up capabilities, the digital key enables personalized settings (e.g., seats, music and ID account), key sharing, vehicle trajectory recording, and delivery to car. In the future, the digital key will be an individualized element of the car and leave much room for imagination.

The digital key is especially popular with Chinese automakers

In China, local automakers are more willing to embrace the digital key. In the case of the Bluetooth key, a total of 14 passenger car brands used such a key in China between January and July 2020, including 10 homegrown ones with a combined 70% share of installations.

In 2014, BYD first introduced a smartphone Bluetooth-based digital key that can lock and unlock cars without a network connection. GAC NE, Xiaopeng Motors, Geely and Changan Automobile followed and rolled out Bluetooth or NFC-based keys.

  • In April 2019, GAC NE unveiled its Bluetooth key-enabled car models – AION.LX and AION.S. The key solution is co-developed by GAC NE and Shanghai InGeek Cyber Security…


Stefanik says U.S. slow to harden military installations for climate change, cyber war – North Country Public Radio


Cisco touts next-gen firewall gear for midsize installations

Cisco is coming out with four next-generation firewall boxes aimed at giving smaller organizations protection that is better sized to their needs and engineered to minimize performance hits as additional security services are turned on.

The devices make up a family called the Cisco Firepower 2100 series and are built around dual, multi-core processors. That architecture enables custom processing of traffic requiring threat inspection, and also supports tagging traffic that doesn’t need threat inspection so it flows through only the separate network processing unit.

These features combine to provide ample processing power for services such as IPS and also lighten the total load on that processor by diverting traffic that doesn’t require those services, Cisco says.


Network World Tim Greene