Effective use of cybersecurity tools and regular security patches helps minimize cyber threats to an extent; however, no strategy is one hundred percent foolproof, as the following headlines on recent cybersecurity issues suggest. Read on to learn how malicious actors pick their victims and how you can learn from others’ mistakes to make sure the confidentiality, integrity, and availability of your digital assets remain intact!
Cybersecurity Tip: Fix Vulnerability First, Pay Ransom Later
An unnamed organization recently suffered a ransomware attack and paid nearly £6.5 million to get its data decrypted. However, it skipped the ransomware protection measures, and as a result the same attackers came back less than two weeks later, exploited the same vulnerability, and extracted a second ransom. Such incidents are not uncommon in the cyberworld; decrypting data is usually the first thing on a victim organization’s mind, but being cautious is equally essential, as this incident shows.
While the goal of cybersecurity is to avoid attacks, in the event of a security incident an enterprise must always examine the circumstances and security vulnerabilities that led to it. In the absence of such introspective security measures, cyberattacks keep happening again and again. Hence, businesses must keep their software up to date, use strong passwords, maintain backups, and enable MFA for enhanced security.
Indian Airtel Users Beware Of Red Rabbit
A hacker group named Red Rabbit attacked the Bharti Airtel servers in December 2020; now, they have leaked the data of over 25 lakh Airtel subscribers on the dark web. While the telecom operator has denied any breach, evidence provided by security researcher Rajshekhar Rajaharia suggests otherwise.
While the leaked data belongs to Airtel users from the Jammu and Kashmir circle, the hackers claim that they have access to the records of all Indians using Airtel. Airtel continues to deny the cybersecurity breach, but users are advised to stay vigilant and refrain from sharing sensitive information over the phone.
A Ray of Hope: Kaspersky Launches Free Decryptor For Fonix Ransomware
It’s not just adversaries who succeed in their digital ventures; the latest Kaspersky release provides a ransomware protection solution that puts defenders on par with cyber attackers. The new Kaspersky release mainly targets the dangerous Fonix ransomware strain. Fonix has affected over 5000-6000 systems since its launch in 2020. Now, Kaspersky has created a free decryptor capable of recovering all files encrypted by Fonix.
Following the decryptor launch, the Fonix admins announced a shutdown of their ransomware operation and released a decryption key to decrypt all infected systems for free. It was later confirmed that their key was useful in decrypting a victim’s files. However, let’s stick to what security firm Kaspersky calls the RakhniDecryptor. Comprehensive instructions make the decryptor easy to use, and it should be accessible to all users.
Forward Air Loses $7.5 Million To Ransomware
Forward Air, the trucking and freight transportation logistics company, was attacked by the Hades ransomware on 15th December 2020. Consequently, the company incurred a financial loss of $7.5 million as a result of the temporary business shutdown. Forward Air’s case is just one example of why security researchers always advise investing in email security services and preventing phishing attacks instead of trying to deal with them.
While we don’t know whether Forward Air paid a ransom or availed itself of a cyber insurance policy, a Coveware report notes a recent trend in which organizations prefer to start from scratch and rebuild their systems instead of paying a ransom to the adversaries.
DARPA’s Bug Bounty Program Sets Example For All
The bug bounty program set up by the US Defense Advanced Research Projects Agency (DARPA) to evaluate the hardware architectures of its System Security Integration Through Hardware and Firmware (SSITH) program has resulted in the discovery of 10 significant vulnerabilities. Seven of these are marked as critical, and three are marked as high.
However, DARPA’s efficient cybersecurity tools have already fixed four of these security flaws, and they hope to resolve the others soon. The bug bounty program, Finding Exploits to Thwart Tampering (FETT), was helpful both for securing the hardware architecture in the SSITH program and for motivating the researchers to work harder on advancing their technology.
Six Vulnerabilities In Realtek Devices, Now Patched
Researchers from Israeli security firm Vdoo have found six vulnerabilities in the Realtek RTL8195A Wi-Fi module, which, if exploited, could give adversaries root access to a device’s wireless communications. While the flaws were found in RTL8195A alone, researchers believe that they exist in other modules like RTL8710AF, RTL8711AM, and RTL8711AF.
The buffer overflow vulnerability (CVE-2020-9395) allows attackers near an RTL8195 module to take control of the module even without the password. Two other flaws can be used to launch DoS attacks, and the remaining three bugs, including CVE-2020-25854, let adversaries execute arbitrary code on the Wi-Fi client devices. However, Realtek has responded to the cybersecurity issues and released patches for all six flaws in its Ameba Arduino 2.0.8.
HelpSystems Acquires Digital Defense
In what seems like a beneficial digital merger, HelpSystems has acquired the cloud security company Digital Defense. All HelpSystems clients who want to strengthen their security infrastructure can now access Digital Defense’s comprehensive security assessment toolkit. The latest acquisition comes after HelpSystems acquired Titus, Vera, and Boldon James last year and FileCatalyst this year.
The cloud-native vulnerability scanning engine offered by Digital Defense allows organizations to identify security loopholes in their infrastructure and take necessary email protection and other security measures. HelpSystems is confident that this latest acquisition will enable it to serve its customers better.