BRANDEFENSE BRANDEFENSE
  • Platform
    How It Works?
    Platform Overview
    Cyber Intelligence
    Brand & Reputation Protection
    Exposure Management
    By Use Case
    Preventing Data Leakage
    Phishing Monitoring
    Account Takeover Detection
    Stolen Credit Cards
    Dark Web Monitoring
    Remediation and Takedown
    Q1 | 2023
    Explore the Ransomware Attacks
  • Solutions
    Threat Intelligence Service
    Brand Protection
    Vulnerability Management
    Attack Surface Management
    Fraud Protection
    VIP Security
    Vulnerability Intelligence
  • Resources
    Blog
    Infographics
    Datasheets
    Customer Stories
    Security News
    Threat Intelligence Researches
    Digital Risk Protection – FAQ
    Cybersecurity Glossary
    Events
  • Partners
    About the Partner Program
    Become a Partner
    Partner Portal
  • Company
    About Us
    Join Us!
    We in the Press
    Privacy Policy
    Cookie Policy
    Terms of Use
    Contact Us
Request a Demo
Login

BRANDEFENSE

  • Platform
    How It Works?
    Platform Overview
    Cyber Intelligence
    Brand & Reputation Protection
    Exposure Management
    By Use Case
    Preventing Data Leakage
    Phishing Monitoring
    Account Takeover Detection
    Stolen Credit Cards
    Dark Web Monitoring
    Remediation and Takedown
    Q1 | 2023
    Explore the Ransomware Attacks
  • Solutions
    Threat Intelligence Service
    Brand Protection
    Vulnerability Management
    Attack Surface Management
    Fraud Protection
    VIP Security
    Vulnerability Intelligence
  • Resources
    Blog
    Infographics
    Datasheets
    Customer Stories
    Security News
    Threat Intelligence Researches
    Digital Risk Protection – FAQ
    Cybersecurity Glossary
    Events
  • Partners
    About the Partner Program
    Become a Partner
    Partner Portal
  • Company
    About Us
    Join Us!
    We in the Press
    Privacy Policy
    Cookie Policy
    Terms of Use
    Contact Us
Security News – Week 7

Security News – Week 7

BRANDEFENSE
Weekly Newsletter
19/02/2022

Last updated on August 9th, 2022 at 09:25 pm

swissport aviation services company targeted by blackcat ransomware

Table of Contents

  • Swissport Aviation Services Company Targeted by Blackcat Ransomware
  • Google Releases Updates to Actively Exploited 0-Day Security Vulnerability in Chrome
  • A Critical RCE Vulnerability Has Been Detected in Apache Cassandra
  • DoS Security Vulnerability Detected in Cisco Email Security Appliance DNS Verification Component

Swissport Aviation Services Company Targeted by Blackcat Ransomware

Swissport, which operates in the aviation industry, has been exposed to a Ransomware attack that caused flight delays and service interruptions. The BlackCat Ransomware Group -also known as ALPHV- accepted responsibility for the cyberattack and posted a series of allegedly seized samples of files belonging to Swissport on the leak site.

It is claimed that the data allegedly captured threat actors include sensitive information such as name, surname, e-mail, phone number, internal notes, and passport information of company personnel. The company stated that the attack caused minor delays between 3 and 20 minutes on 22 flights.

Confirming their affiliation with the BlackMatter/DarkSide operation, Blackcat threat actors have been carrying out attacks targeting multiple countries since November 2021, including the USA, Australia, and India. To be able to avoid possible Ransomware attacks, it is recommended not to interact with e-mails and links from unknown parties, use reliable security solutions, and download files or applications over known/trusted connections and sources.

chrome

Google Releases Updates to Actively Exploited 0-Day Security Vulnerability in Chrome

Google has released updates that address 11 vulnerabilities in the Chrome web browser, including a critical 0-day vulnerability actively exploited in attacks.

The vulnerability tracked as CVE-2022-0609 is due to a Use-After-Free error in the Animation component in Google Chrome. As a result, a remote threat actor can create a specially crafted web page and redirect users to this web page. Then it can execute arbitrary code on the target system by triggering the vulnerability.

It is recommended that Google Chrome users update to version 98.0.4758.102 released for Windows, Mac, and Linux to prevent attacks using these security vulnerabilities.

a critical rce vulnerability has been detected in apache cassandra

A Critical RCE Vulnerability Has Been Detected in Apache Cassandra

A security vulnerability has been detected in Apache Cassandra -an open-source NoSQL database management system- leading to remote code execution on affected systems. However, security researchers state that the vulnerability only occurs in non-default configurations of Cassandra.

The vulnerability, tracked as CVE-2021-44521, allows arbitrary code execution on the vulnerable system if the following settings are applied in the “cassandra.yaml” configuration file;

  • Enable_user_defined_functions: True
  • Enable_scripted_user_defined_functions: True
  • Enable_user_defined_functions_threads: False

The vulnerability -rated as critical- affects Apache Cassandra versions 3.0.0 to 4.0.1 (Included). Therefore, it is recommended that Cassandra users upgrade their systems to versions 3.0.26, 3.11.12, and 4.0.2 by adding a new “allow_extra_insecure_udfs” flag not to be affected by the vulnerability.

dos security vulnerability detected in cisco email security appliance dns verification component

DoS Security Vulnerability Detected in Cisco Email Security Appliance DNS Verification Component

A security vulnerability has been detected in the DNS Verification component of the AsyncOS Software for Cisco Email Security Appliance that could cause an affected device to denial of service (DoS).

The vulnerability, tracked as CVE-2022-20653, is caused by improper management of internal resources in the DNS-based Authentication of Named Entities (DANE) e-mail authentication component when performing DNS name resolution. As a result, a remote threat actor can perform a Denial of Service (DoS) attack by sending a specially crafted e-mail message to the system.

The vulnerability -which is considered critical- affects Cisco AsyncOS for Cisco Email Security Appliance 14.0, 13.5, 13.0, 12.5, and earlier versions. Cisco has released workarounds and updates that fix the vulnerability. It is recommended that users using vulnerable versions immediately upgrade to updated versions where the vulnerability has been fixed.

Apache Cassandra Blackcat CVE-2021-44521 CVE-2022-0609 CVE-2022-20653 cyber attack news cyber security news cybersecurity news news hackers Ransomware security news
Share on Facebook Share on X
Search
Categories
APT GroupsBlogDark WebDRPSFraudRansomwareSector AnalysisSecurity NewsVIP SecurityWe in the PressWeekly Newsletter
Recent Posts
  • Brandefense’s Perspective on Understanding APT: Decoding the Tactics of APT Groups
    Brandefense’s Perspective on Understanding APT: Decoding the Tactics of APT Groups
  • Blended Attacks: When Cybercriminals Use Multiple Techniques
    Blended Attacks: When Cybercriminals Use Multiple Techniques
  • Insider Threats: Identifying and Mitigating Risks from Within
    Insider Threats: Identifying and Mitigating Risks from Within
  • Threat Actors Exploit Docker Engine API
    Threat Actors Exploit Docker Engine API
Ransomware Trends Report | Q2 2023
Ransomware Attack Trends in the Second Quarter of 2023
Report

Ransomware Attack Trends in the Second Quarter of 2023

Download Report
Follow us!

Continue Reading

Previous post

How to Protect Your Business from Digital Risks?

protection from digital risks
weekly cyber security news threat intelligence
Next post

A Vulnerability Detected in Hive Ransomware Allows Recovering Encrypted Files

We know what hackers know about you

Our cyber threat intelligence and security research team is ready to help you.
image link

Brandefense is solving SOC’s complex challenges. We are here to help Brandefense customers to protect their brands and reputations against cyber threats.

United States:

300 Delaware Ave. Ste 210 #328 Wilmington, DE 19801 / USA

Republic of Turkey:

Üniversiteler, 1605 Cd. Cyberpark Vakıf Binası Kat: -1 No: B25, 06800 Çankaya/Ankara

© 2022 Brandefense. All rights reserved.

Solutions
Threat IntelligenceBrand ProtectionVulnerability ManagementFraud ProtectionVIP SecurityAttack Surface ManagementVulnerability Intelligence
Use Case
Data LeakagePhishing MonitoringAccount Takeover DetectionStolen Credit CardsDark Web MonitoringRemediation / Takedown
Partners
About the Partner ProgramBecome a Partner
Company
AboutCareerPrivacy PolicyCookie PolicyTerms Of UseContact
Close
Search

Hit enter to search or ESC to close

cookie By using this website, you agree to our cookie policy. Close