8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses
A ransomware threat called 8Base that has been operating under the radar for over a year has been attributed to a "massive spike in activity" in May and June 2023.
"The group utilizes encryption paired with ‘name-and-shame’ techniques to compel their victims to pay their ransoms," VMware Carbon Black researchers Deborah Snyder and Fae Carlisle said in a report shared with The Hacker News. "8Base…
The Hacker News | #1 Trusted Cybersecurity News Site
If we should face a Dead-End AI future, the cybersecurity industry will continue to rely heavily on traditional approaches, especially human-driven ones. It won’t quite…
Password Disclosure Vulnerability
The password disclosure vulnerability (CVE-2023-5552) allowed an attacker to access the password of the encrypted PDF file generated by the SPX feature.
This could have compromised the confidentiality and integrity of the data contained in the PDF file. IT für Caritas eG, a German IT service provider, discovered and responsibly disclosed the flaw.
Users who have enabled the default setting of “Allow automatic installation of hotfixes” on their Sophos Firewall are unaffected by this issue.
Temporary Solution
Users concerned about this flaw can apply a temporary solution by changing the “Password type” option in their SPX template to “Generated and stored for the recipient.”
This will prevent the password from being disclosed to an attacker.
Permanent Solution
Users who want to resolve this flaw completely should make sure they are running a supported version of Sophos Firewall.
Sophos has released hotfixes for several versions, including:
v19.5 MR3 (19.5.3) and older
v19.5 MR3 and MR2 (Hotfixes released on October 12, 2023)
v20.0 EAP1, v19.5 MR1-1, MR1, and GA (Hotfixes released on October 13, 2023)
v19.0 MR3, MR2, MR1-1, and MR1 (Hotfixes released on October 13, 2023)
Additionally, the fix for this flaw is included in v19.5 MR4 (19.5.4) and v20.0 GA.
Users running older versions of Sophos Firewall are strongly advised to upgrade to the latest version to get the best protection and this important fix.
This incident reminds users of the importance of updating their software and applying patches and hotfixes as soon as possible to maintain a strong cybersecurity posture.
Gaza-Linked Cyber Threat Actor Targets Israeli Energy and Defense Sectors
A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications organizations.
Microsoft, which revealed details of the activity in its fourth annual Digital Defense Report, is tracking the campaign under the name Storm-1133.
"We assess this group works to further the interests of Hamas, a Sunni militant group that is…