Security Newsletter
26 October 2020
New Chrome 0-day Under Active Attacks – Update Your Browser Now
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version. Google released Chrome version 86.0.4240.111 to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the wild by attackers to hijack targeted computers.
Hawkes now urged other app vendors who use the same FreeType library to update their software as well, in case the threat actor decides to shift attacks against other apps.
Although the Chrome web browser automatically notifies users about the latest available version, users are recommended to manually trigger the update process by going to "Help → About Google Chrome" from the menu. The finer details about CVE-2020-15999 active exploitation attempts have not been made public. Google usually sits on technical details for months to give users enough time to update and keep even the smallest clues from falling into attackers' hands. However, since the patch for this zero-day is visible in the source code of FreeType, an open source project, it's expected that threat actors will be able to reverse-engineer the zero-day and come up with their own exploits within days or weeks.
Read More on TheHackerNews
Even More on ZDNet
 
French IT giant Sopra Steria hit by Ryuk ransomware
French IT services giant Sopra Steria suffered a cyberattack on October 20th, 2020, that reportedly encrypted portions of their network with the Ryuk ransomware. Sopra Steria is a European information technology company with 46,000 employees in 25 countries worldwide. The company provides a wide range of IT services, including consulting, systems integration, and software development.
A source familiar with the attack has told BleepingComputer that the Sopra Steria network was encrypted by Ryuk ransomware, the same group that infected the Universal Health Services.
This hacking group is known for its TrickBot and BazarLoader infections that allow threat actors to access a compromised network and deploy the Ryuk or Conti ransomware infections. BazarLoader is increasingly being used in Ryuk attacks against high-value targets due to its stealthy nature and is less detected than TrickBot by security software. When installed, BazarLoader will allow threat actors to remotely access the victim's computer and use it to compromise the rest of the network. After gaining access to a Windows domain controller, the attackers then deploy the Ryuk ransomware on the network to encrypt all of its devices. Those kind of attacks can be conducted swiftly and go from a single compromised machine to full company takeover in just a few hours
Read More on BleepingComputer
 
More #News
 
#Patch Time!
 
#Tech and #Tools
This content was created by Kindred Group Security. Please share if you enjoyed!
Kindred Group in brief
Kindred is one of the largest online gambling companies in the world with a diverse team of 1,600 people serving over 26 million customers across Europe, Australia and the US. We offer pre-game and live Sports betting, Poker, Casino and Games through 11 brands across our markets. We are committed to offer our customers the best deal and user experience possible, while ensuring a safe and fair gambling environment. Kindred is a pioneer in the online gambling industry and is an innovation driven company that builds on trust.
You can access the previous newsletters at https://news.infosecgur.us
If you no longer wish to receive this newsletter, you can unsubscribe from this list.