top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #70 - November 6, 2023

Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

Source: Bleeping Computer

Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. SysAid is a comprehensive IT Service Management (ITSM) solution that provides a suite of tools for managing various IT services within an organization.




'BlazeStealer' Python Malware Allows Complete Takeover of Developer Machines

Source: Dark Reading

Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams. Malicious Python packages masquerading as legitimate code obfuscation tools are targeting developers via the PyPI code repository. Focusing on those interested in code obfuscation is a savvy choice that could offer up organizational crown jewels, according to researchers at Checkmarx, who dubbed the malware "BlazeStealer."




FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups

Source: Security Week

The FBI has released a fresh warning on ransomware operators compromising third-party vendors and services to abuse them for initial access to victim environments. Threat actors have been observed exploiting vulnerabilities in vendor-controlled remote access to servers and abusing legitimate system management tools to elevate permissions in victim organizations’ networks, the Bureau says.




Cerber Ransomware Operators Exploit Latest Atlassian Bug

Source: Data Breach Today

Ransomware hackers have seized on an exploit of a recently disclosed zero-day vulnerability in Atlassian Confluence instances days after the company urged its customers to patch immediately.




Medical Transcription Hack Affects 1.2 Million Chicagoans

Source: Data Breach Today

A major healthcare provider in Chicago that targets underserved populations is notifying as many as 1.2 million patients that their information was compromised in a data theft incident at a medical transcription vendor.



101 views

Comments


Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page