The LockBit ransomware group has unveiled a new website – LockBit 3.0 – to host their ransom extortions and data leaks. The website includes several new features, including an unprecedented bug bounty program to assist the group in securing their site; acceptance of the privacy cryptocurrency, Zcash; and the addition of receiving payments from users to: “extend the timer for 24 …
For the Love of InfoSec, Don’t Over-Expose Administrative Management Portals
When talking to IT and security professionals, everyone seems to know they shouldn’t overly expose management portals. And yet, every year we learn some new statistic showing tens of thousands of devices or software products with management portals exposed on the Internet. In hopes of changing this trend, this article talks about why management portals sometimes get exposed and …
Sharing Cyclops Blink Threat Intelligence with the Community
At WatchGuard, we understand the importance of sharing threat intelligence with the information security (infosec) community when safe and appropriate. Not only does this information sharing help to directly defend against known threats, but it also helps the community at large learn from the attacks found in the wild, and appropriately adjust detection and defense strategies. …
5G Didn’t Break Your Car
5G didn't put malware on these Mazdas' entertainment systems, but many Seattle Mazda drivers couldn't change their radio station after turning it to the local NPR station, KUOW. As one Reddit user put it, "the whole audio system and Bluetooth just keeps trying to reboot." Some users also reported they couldn't use their backup cameras. This fiasco started around January 24th …
SpoolFool: Windows Print Spooler Fooled Again
Microsoft's monthly Patch Tuesday already occurred this month, so you know what that means - more disclosed vulnerabilities. This iteration of patches included fixes for a combined 70 vulnerabilities, including one zero-day. Thankfully, none of these fall into Microsoft’s “critical” category. However, there are four Elevation of Privilege vulnerabilities targeting the Windows …