Russia-linked hackers reportedly breached RNC computer systems
The attack was launched by a threat actor affiliated with the Russia-linked APT 29 hacking group.
CVE-2021-34527 includes both an RCE and an LPE vector that hackers can use to execute commands with SYSTEM privileges on vulnerable Windows systems.
The vulnerability affects PowerShell versions 7.0 and 7.1 and has been fixed in versions 7.0.6 and 7.1.3, respectively.
Polish counter-intelligence said the attack was carried out as part of the Ghostwriter campaign that has targeted Polish politicians in recent months.
Kaseya estimates that "fewer than 1,500 downstream businesses" have been affected by the REvil ransomware attack.
It appears that hackers abused a zero-day flaw in the Kaseya VSA servers.
Targeted organizations include government and military, defense contractors, energy firms, logistics companies, think tanks, universities, law firms and media companies.
The new threat actor is asking victims for 0.006 bitcoins and is communicating with them by email instead of through a dedicated Tor payment site.
Mihai Ionut Paunescu was first arrested in Romania in 2012, but was able to avoid extradition.
Researchers from Chinese cybersecurity company Sangfor published proof-of-concept code for a bug that wasn’t actually the same vulnerability fixed by Microsoft.