This Week in Security News - July 30, 2021
Threat Actors Exploit Apache Hadoop YARN and BlackMatter Ransomware Claims to Be Best of REvil, Darkside.
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn how threat actors are exploiting Apache Hadoop YARN, a part of the Hadoop framework that is responsible for executing tasks on the cluster. Also, learn about a new ransomware group called BlackMatter.
Trend Micro researchers investigated how threat actors are exploiting Apache Hadoop YARN, a part of the Hadoop framework that is responsible for executing tasks on the cluster. This analysis covers the payloads deployed, the tactics used in the attacks, and basic recommendations for strengthening cloud security.
A previously unknown user with the handle "BlackMatter" announced the launch of BlackMatter Ransomware via two large, Russian-language forums, saying it offered a "greatest hits" take on some of the most notorious ransomware operations in history such as REvil, DarkSide, and LockBit.
The integration of telecommunications infrastructure for almost all critical verticals has been an ongoing trend. By deploying these new technologies to existing processes, governments and businesses can open and enable even more capabilities, but at the same time, this can change the attack surface for organizations. In this blog, Trend Micro breaks down telecommunications into an island analogy explaining the different characteristics and how IT teams need to be aware of telecom risks to IT assets.
Early adopters seeking a premature peek of Windows 11 via unauthorized channels may be in for a nasty surprise: a dose of malware. It was reported that an unofficial installer is in the wild that promises to install the next version of Microsoft's ubiquitous operating system on a user's computer, but it actually contains a malicious payload.
In this video interview, Merritt Baer, principal in the AWS Office of the CISO, and Trend Micro’s VP of Cloud Security, Aaron Ansari, spent time talking about how fundamental information security is to business functions in today’s world. They discuss how everyone in an organization plays a role in ensuring that they are working to help secure the organization – from frontline workers to back-of-the-shop employees.
Google Play Protect, the Android built-in malware defense system, has failed the real-world tests of antivirus testing lab AV-TEST after detecting just over two-thirds of the more than 20,000 malicious apps it was pitted against. Google Play Protect also mistakenly detected 70 apps as potentially malicious out of almost 10,000 harmless ones installed by AV-TEST from the Play Store and third-party Android app stores.
In June, the Global Certification Forum (GCF) and the 5G Automotive Association (5GAA) announced their collaboration on a new program that will support the drive for interoperability, reliability, and safety of upcoming cellular vehicle-to-everything (C-V2X) systems.
Phishing and RDP attacks are the most popular and most successful techniques ransomware gangs are using to lay the foundations for their cyber-extortion campaigns. Both attacks remain effective as they're relatively simple for cyber criminals to carry out but, if carried out successfully, can provide them with a gateway to a whole corporate network.
Newark, a high-service distributor of technology products, services, and solutions for electronics, recently released its Global IoT Trends Report for 2021. The report revealed that the three industries that will lead the way in IoT implementation are Industrial Automation and Control, Home Automation, and Artificial Intelligence. The report also revealed that ease of development, the need for open standards, and connectivity standards will help accelerate the adoption of IoT.
The White House is signaling to U.S. critical infrastructure companies, such as energy providers, that they must improve their cyber defenses as additional potential regulations are on the horizon. The announcement comes after multiple high-profile cyberattacks this year crippled American companies and government agencies, including a ransomware incident that disrupted gasoline supplies.
Information sharing has never been a challenge in the cybercrime underground, yet “above ground” it has not always been so straightforward. Competing commercial and other considerations sometimes complicate collaborative efforts. That’s why Trend Micro has always taken an open, collaborative approach. Thanks to a new initiative with Adobe, Trend Micro Research will now be providing additional information to participating MAPP vendors.
What are your thoughts on the new BlackMatter ransomware group? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.