Daily Perk 2/5/2021

0-Day exploit alert: Google has a patch out for a Chrome browser heap buffer overflow flaw under active exploitation, CVE-2021-21148. More here from Malwarebytes

Cisco warns of critical remote execution flaws in small business VPN routers from ZDNet

This poses some big risks for small businesses using a number of routers, especially since some are considered end-of-life for support and won’t get patches. The flaws are in the web management interface. Cisco released 3 security advisories yesterday. Over the past couple of years, nation-state adversaries have been hunting unpatched routers and using them in weaponized botnets. So check yours and patch 😇

Darkside Ransomware hits Electric Utility in Brazil, uses CyberArk from Bleeping Computer

I am seeing more utilities and major manufacturing as targets in the big game hunting of extortionist ransomware attacks. Two Brazilian state-owned electric companies just got hit. One of those, Copel, was hit by Darkside ransomware operators who stole 1000 GB of data, with critical and private info on networks, backups etc.

Of note is they got in by accessing Copel’s CyberArk privileged access management solution where they – sit down – “exfiltrated plaintext passwords across Copel’s local and internet infrastructure.” Wait, there’s more. Darkside says they exfiltrated AD data too. So much could go wrong 😱
