July 25, Help Net Security – (International) Critical holes in Micro Focus Filr found, plugged. Micro Focus released patches addressing a cross-site request forgery (CSRF) flaw, an Operating System (OS) Command Injection vulnerability, a persistent cross-site scripting (XSS) flaw, a path traversal, and an authentication bypass vulnerability in its Filr enterprise file management and collaborative file sharing solution after a SEC Consult researcher discovered the flaws during a quick security check. Source
July 24, Softpedia – (International) CTB-Faker ransomware uses WinRAR to lock data in password-protected ZIP files. Bleeping Computer and Check Point researchers found that the CTB-Faker ransomware family is currently being distributed via adult Websites, which encourage users to download a ZIP file containing an executable that launches the ransomware. The ransomware then uses the WinRAR application to move files into a password-protected file at “C:Users.zip”. Researchers determined that the ransomware is decryptable. Source
July 24, Softpedia – (International) Stampado ransomware stomped out before it could do any real damage. A malware analyst at Emsisoft created a free decrypter that unlocks files encrypted by the Stampado ransomware, which is advertised at a low price as a Ransomware-as-a-Service (RaaS) offering on Dark Web cyber-crime forums. Source
July 24, Softpedia – (International) Hacker downloads Vine’s entire source code. Twitter secured an insecure Docker setup used by the company’s staff to manage Vine’s content after security researcher Avicoder discovered a critical security flaw that would have allowed an attacker to download Vine’s entire source code, its application program interface (API) keys, and third-party keys from its servers. The researcher determined that the Docker installations were publicly accessible and that Twitter was running Docker API v1 instead of the latest version of Docker (v2). Source
Above Reprinted from the USDHS Daily Open Source Infrastructure Report
July 15, Dark Reading - New Portal Offers Decryption Tools For Some Ransomware Victims. Nomoreransom.org, a joint initiative between Europol, the Dutch National Police, Kaspersky Lab and Intel Security, offers help in getting encrypted data back. Victims of crypto ransomware now have an online portal they can turn to for help in trying to recover encrypted data. Kaspersky Lab, in collaboration with Europol, the Dutch National Police and Intel Security, has launched www.nomoreransom.org, a site that currently provides decryption tools for four ransomware families and will soon feature tools for several more. Source