July 13, 2021

The infrastructure and leak sites used by the REvil ransomware gang for its operations went offline last night. Starting last night, the infrastructure and the websites used by the REvil ransomware gang were mysteriously unreachable, BleepingComputer first reported. “The REvil ransomware operation, aka Sodinokibi, operates through numerous clear web and dark web sites used as […]

The post The infrastructure and websites used by REvil ransomware gang are not reachable appeared first on Security Affairs.

Read More The infrastructure and websites used by REvil ransomware gang are not reachable

Arctic Wolf announced that the company has executed a financing round of $150 million, with Viking Global Investors, Owl Rock, a division of Blue Owl Capital, and other existing investors. Following this round, the company has achieved a valuation of $…

Read More Arctic Wolf raises $150M to expand operations globally and bring to market new products and innovation

Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China.

The post Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit appeared first on Microsoft Security Blog.

Read More Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit

Most people agree that the workplace will never return to the way it was prior to COVID-19, but the jury is out on what that entails. A panel discussion during ITWC’s Digital Transformation Week examined the pandemic’s impact and just what that means for the future of work. “We have been through an interesting time,” […]

The post Opportunities and challenges in the future work world first appeared on IT World Canada.

Read More Opportunities and challenges in the future work world

A CyberNews investigation uncovered a network of wallet addresses used by a scammer group to store and cash out millions in crypto stolen from thousands of victims. Original post @ https://cybernews.com/crypto/millions-of-stolen-crypto-found-investigation/ Mindaugas (who wished his last name not to be disclosed publicly), an executive at a UK-based company, unknowingly fell for a scam when he […]

The post This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto appeared first on Security Affairs.

Read More This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto

Adobe addressed multiple critical vulnerabilities in several products, including Adobe Acrobat and Reader application. Adobe addressed multiple critical remote code execution and privilege escalation vulnerabilities in multiple products running on both Windows and macOS systems. The flaws fixed by Adobe affect Acrobat and Reader, Illustrator, Framemaker, Dimension and Bridge products. Below the list of advisories […]

The post Adobe patches critical vulnerabilities in Reader, Acrobat, and Illustrator appeared first on Security Affairs.

Read More Adobe patches critical vulnerabilities in Reader, Acrobat, and Illustrator

Covid-19 has accelerated the journey to digital transformation, demonstrating the perils of being left behind on the digital highway. Knowing the importance of DX is a strong motivator for taking action, but for many companies, it’s not as simple. “There are barriers,” said Pat Phelan, VP Market Research, Rimini Street, a global provider of enterprise […]

The post Overcoming the barriers to digital transformation first appeared on IT World Canada.

Read More Overcoming the barriers to digital transformation

Microsoft’s July security updates roll will feature approximately 40 security updates for Windows-specific issues ranging from Important to Critical. July’s Patch Tuesday roll will also include several fixes for CVE-2021-34527, the Windows Print Spoole…

Read More Patch Tuesday July 2021:Microsoft To Deliver 40 Security Patches, Including Several Fixes for an Exploitable Zero-Day Vulnerability

ModiPwn flaw (CVE-2021-22779) in some of Schneider Electric’s Modicon PLCs can allow attackers to bypass authentication mechanisms and take over the device. Researchers at IoT security firm Armis discovered an authentication bypass vulnerability, tracked as CVE-2021-22779 and dubbed ModiPwn, that affects some of Schneider Electric ’s Modicon PLCs. The flaw can be exploited by an unauthenticated attacker […]

The post ModiPwn flaw in Modicon PLCs bypasses security mechanisms appeared first on Security Affairs.

Read More ModiPwn flaw in Modicon PLCs bypasses security mechanisms

Interesting attack:

Masquerading as UK scholars with the University of London’s School of Oriental and African Studies (SOAS), the threat actor TA453 has been covertly approaching individuals since at least January 2021 to solicit sensitive information. The threat actor, an APT who we assess with high confidence supports Islamic Revolutionary Guard Corps (IRGC) intelligence collection efforts, established backstopping for their credential phishing infrastructure by compromising a legitimate site of a highly regarded academic institution to deliver personalized credential harvesting pages disguised as registration links. Identified targets included experts in Middle Eastern affairs from think tanks, senior professors from well-known academic institutions, and journalists specializing in Middle Eastern coverage…

Read More Iranian State-Sponsored Hacking Attempts

All the recent tech news that we maybe didn’t get to yet, or it’s the news we’ve reported on and feel is worth resurfacing

The post Coffee Briefing, July 13, 2021 – Visa Installments service launches in Canada; Pinterest bans weight loss ads; and more first appeared on IT World Canada.

Read More Coffee Briefing, July 13, 2021 – Visa Installments service launches in Canada; Pinterest bans weight loss ads; and more