- Disable User
- Posts
- ⭐ MOVEit vulnerability on it's way to the ransomware hall of fame.
⭐ MOVEit vulnerability on it's way to the ransomware hall of fame.
and this week's Bits & Bytes
Disable User
July 03, 2023
Ah dang, another Disable User so fast?
Yeah buddy, we’re changing things up a little.
Starting this week, you’ll be receiving your weekly dose of cybersecurity goodness on Monday, 11am.
So set those alarms, clear those schedules and be ready to read your favorite newsletter.
In this week's edition:
⭐ MOVEit vulnerability on it’s way to the ransomware hall of fame
📰 What’s happening in cybersecurity
❓ Disable User explains: Smishing
🔥 meme of the week
Reading time: 2:03
MOVEit vulnerability on it’s way to the ransomware hall of fame
So the MOVEit vulnerability has been out for a while.
I have to admit, I didn’t read or write much about it, because it doesn’t affect me or anyone I know.
But it’s hard not to write about it, a little.
For you to understand what I’m talking about, let me do a quick recap:
MOVEit is managed file transfer software by Progress software - You can compare it to WeTransfer but more focussed on being a scalable solution for enterprises.
On may 31st, Progress disclosed it had reasons to believe hackers found a way to break it’s tool - and through that gain access to a number of companies.
Microsoft found out the Clop ransomware gang was behind the attacks - and that’s usually bad news for everyone involved. They take no prisoners.
Numerous companies have come forth that they’ve been breached - and no small boy’s either: Siemens Energy, Schneider Electric, The BBC, NYC dept of Education and some US states.
And while Progress software is doing what it can to fix it, the damage will keep piling up.
Making this one of, if not the largest Supply Chain Attack ever.
And no matter how good your internal defenses, you’ll never be able to fully defend against those.
The only thing that can prevent you from a total nightmare is a good incident response plan. Know what to do.
I’ll end this with my favorite quote about a young Security Officer, becoming a rising star against all odds
It ain't about how hard you hit. It's about how hard you can get hit... and keep moving forward.
So, when did you last test your incident response plan?
What’s happening in cybersecurity
TSMC says IT supplier extorted by LockBit - So LockBit thought they breached TSMC - a developer of microchips - but they actually hit a supplier. Guess they won’t be having cake at the LockBit offices.
Beware: New 'RustBucket' Malware Variant Targeting macOS Users - Every time a Mac user says “there are no virusses for macOS”, a cute lamb dies.
Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts - Don’t forget to update your WordPress AND the plugins you’re using.
Decrypted: Akira Ransomware - Avast Threat Labs - the Akira ransomware that started appearing in March 2023, was cracked by Avast. Avast released a free decryptor, and therefor get the “Company of the week” award.
Social Engineering special: Smishing
A phishing technique that uses phishing via SMS (text) messages.
I’m not making this up, it’s real.
Source: trust me bro.
Meme of the week
