Silensec Newsletter

Category: News

Top News

Yet Another Ransomware Attack: Louisiana governor declares state emergency after local ransomware outbreak

Louisiana governor has activated a state-wide state of emergency in response to a wave of ransomware infections that have hit multple school districts.

The ransomware infections took place this week and have impacted the school districts of three North Louisiana parishes - Sabine, Morehouse, and Ouachita.

IT networks are down at all three school districts, and files have been encrypted and are inaccessible, local media outlets are reporting.


Imperva blocked the largest Layer 7 DDoS attack it has ever seen

An undisclosed streaming service was hit by a 13-day DDoS massive attack powered by a Mirai botnet composed of 402,000 IoT devices.

Imperva confirmed that its systems were able to repel the attack and the service remained up and running during the DDoS attack. According to Imperva, it was the largest Layer 7 DDoS attack it has ever seen.


Major Hacks of the Week

Brazilian banking users exposed by 250GB data leak

An unprotected server belonging to a Brazilian financial services provider has exposed a massive batch of data from customers of various local banks, security experts have found.

The vulnerability has been detected by security researchers Data Group and the total file size of sensitive personal information available in the public domain is estimated to be 250GB.


Health IT companies impacted by browser extension data leak

According to an independent security researcher, some extensions have been leaking and exposing browsing activity data, including patient names and health information from healthcare software companies.

At least eight browser extensions have been collecting browsing activity data, including personally identifiable information and corporate information from unwitting Chrome and Firefox users over a seven month period.


Major Vulnerabilities Disclosed

Several Vulnerabilities found in Comodo antivirus

Several vulnerabilities have been discovered in Comodo Antivirus, including one that allows an attacker to escape the sandbox and escalate privileges, and the vendor does not appear to have released any patches.

David Wells, a researcher at Tenable, uncovered five types of flaws in Comodo Antivirus and Comodo Antivirus Advanced. Four of the issues were identified in version and one denial-of-service (DoS) bug only impacts version


Healthcare's blind spot: Unmanaged IoT and medical devices

Unlike other critical IT assets, connected medical devices are hardly visible in their native IT control systems. It is often difficult for he IT teams to tell how many medical devices are connected, or their type, and they lack critical insight of the devices cybersecurity risk status, threats and vulnerabilities.

Even more shocking, most hospitals lack the visibility to determine whether medical devices have been hacked.


Legal, Regulatory and Corporate
Security and Beyond

Emsisoft Releases A Second Decryptor, this time for ZeroFucks ransomware

Security experts at Emsisoft recently released a second decryptor in a few days, this time announced a free decryptor for the ZeroFucks ransomware. When the ransomware encrypts files the following GUI is displayed to the victims, crooks demand a 400 (euros) ransom worth of Bitcoins.


Face Off: Privacy Issues Not Confined to FaceApp

The internet and the security community is up in arms and shocked, shocked to see that a web developer is collecting data that you share with them and processing that data in the cloud.

In this case, the app is FaceApp, an application developed by an entity in Russia that takes photos you upload and uses an algorithm in the cloud to "age" these pictures to show what you would look like if you were-well, if you were as old as me.


Security Awareness Tip

How businesses can reduce the financial impact of data breaches

The cost of a data breach has grown 12% over the past 5 years, hitting $3.92 million on average. According to a report published by TechRepublic, organizations can take a few actions to mitigate and lessen the financial damage:

  1. Establish an incident response team.
  2. Invest in the right security training, testing services, and technology.
  3. React to a data breach with the necessary speed and efficiency.
  4. Deploy security automation technologies.
  5. Use data encryption
  6. Vet third parties


Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.

Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed