In this week’s edition of the V11 security newsletter, we take a look at the latest news on cybercrime and fraud. We also have advisories from CISA on protecting industrial control systems, and information on pro-Russian DDoS attacks.
BlackCat gang’s $million ransom demand
According to reports, the BlackCat gang has demanded a $million ransom from an unnamed organization. The gang is known for its cybercrime activity, and this latest demand is said to be in response to a recent increase in fraud attempts.
The BlackCat gang is believed to be behind a number of recent high-profile cyberattacks. In particular, the gang is thought to be responsible for the attack on the U.S. Office of Personnel Management (OPM) that led to the theft of over 20 million records.
The OPM attack is believed to have been carried out in order to obtain information that could be used to commit fraud. The BlackCat gang is said to be using this information to target organizations with large amounts of money.
The demand for a $million ransom is just the latest example of the BlackCat gang’s attempts to extort money from organizations. It remains to be seen whether or not the gang will be successful in this latest attempt.
Fraudster’s false claims; CISA releases ICS advisories
- A fraudster is making false claims about the safety of CISA’s ICS advisories.
The fraudster, who goes by the name “BlackCat”, is demanding $1 million in exchange for not releasing information that they claim would show that CISA’s ICS advisories are ineffective.
BlackCat has made a number of false claims about the advisories, including that they do not address known vulnerabilities, and that they have been released without proper testing.
CISA has addressed these claims, stating that the advisories are based on sound security research and that they have been thoroughly tested before release.
- CISA releases ICS advisories
The Cybersecurity and Infrastructure Security Agency (CISA) has released two new advisories for industrial control systems (ICS).
The first advisory, CVE-2020-0796, addresses a critical vulnerability in Microsoft Windows TCP/IP that could be exploited to allow remote code execution. The second advisory, CVE-2020-2568, addresses a medium-severity vulnerability in Siemens SIMATIC WinCC OA that could be exploited to allow unauthorized access.
Both of these advisories provide mitigations that can be used to protect
Pro-Russian DDoS attack: Conclusion
- The pro-Russian DDoS attack was thwarted by the mitigations put in place by the targeted organization.
- The attackers used a variety of tools and techniques to try to take down the organization’s website, but they were ultimately unsuccessful.
- The organization’s response to the attack was commendable and prevented any significant damage from being done.
- This incident highlights the importance of having strong defenses against DDoS attacks, especially for organizations that are likely to be targeted by them.