Monthly Archives: September 2021

Trend Micro Incorporated : Examining the Cring Ransomware Techniques

The Cring ransomware made headlines as the threat was used in an attack that exploited a bug in the 11-year-old version of the Adobe ColdFusion 9 software. This has been the first recorded incident involving Cring operators’ use of the said vulnerability. Past Cring attacks either abused unsecure remote desktop protocol (RDP) or virtual private network (VPN) vulnerabilities to gain initial access. Ransom.Win32.CRING.C is our detection name for the executable, while Ransom.MSIL.CRYNG.A is the detection name that is used to detect C#-based samples for the same ransomware. In this entry, we look at the techniques typically employed by this ransomware, as well as the most affected regions and industries. The Cring ransomware…

Four Questions for Rick Riordan – Publishers Weekly

By Michael M. Jones | After writing more than two dozen books inspired by Greek, Roman, Egyptian and Norse mythology, Rick Riordan heads into the ocean for his latest adventure. In Daughter of the Deep, he makes his first foray into science fiction with a contemporary reimagining of Jules Verne’s classic submarine-piloting antihero, Captain Nemo. The novel explores Nemo’s legacy through the experiences of his latest descendant, 14-year-old Ana Dakkar. PW spoke with Riordan about how this project represents a number of firsts for him. We also chatted briefly about the Rick Riordan Presents imprint, whose most recent releases include The Cursed Carnival: and Other Calamities, an anthology featuring all of the imprint’s authors so far; and the third…

Barracuda launches cloud-native SASE platform

COMPANY NEWS: Cloud security solutions provider Barracuda Networks has launched a cloud-native SASE platform that it says enables businesses to control access to data from any device, anytime, anywhere. The platform brings together Secure SD-WAN, Firewall-as-a-Service, Zero Trust Network Access, and Secure Web Gateway technology from Barracuda to achieve SASE convergence. The Cloud-native SASE platform includes the releases of Barracuda CloudGen WAN and Barracuda CloudGen Firewall which the company says adds several security and network capabilities: Enables security services on customers’ cloud hubs, in addition to being able to run them directly on their site devices. Dramatically improves application performance with dynamic Forward Error Correction (FEC), extending…

Attackers use old Windows ColdFusion server to spread Cring ransomware

Old sometimes is not gold, especially when it comes to ancient versions of ColdFusion running on versions of Windows that have reached their end-of-life, as the global security firm Sophos has demonstrated through its research into a server that was taken over by unknown actors using the Cring ransomware. Andrew Brandt, principal researcher at SophosLabs, said the recent findings — no time element was given — had shown that Adobe ColdFusion 9 — which is 11 years old — and Windows Server 2008 — which was declared end-of-life for the Web-application development platform in 2016 — were running on the server that served as an entry point. Several other machines were also hit with the same ransomware and made inaccessible, but the box running ColdFusion was partially…

Cring Ransomware Exploits 11-Year-Old Adobe ColdFusion

OXFORD, United Kingdom, Sept. 21, 2021 (GLOBE NEWSWIRE) — Sophos, a global leader in next-generation cybersecurity, has published research, “Cring Ransomware Exploits Ancient ColdFusion Server,” describing a sophisticated attack the Cring ransomware operators mounted against a target after hacking a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software. The target used the server to collect timesheet and accounting data for payroll and to host multiple virtual machines. The attackers breached the internet-facing server in minutes and executed the ransomware 79 hours later. “Devices running vulnerable, outdated software are low-hanging-fruit for cyberattackers looking for an easy way into a target,” said Andrew Brandt, principal researcher at…

Cring Ransomware Exploits 11-Year-Old Adobe ColdFusion Software To Launch Advanced Attack, Sophos Research Reveals

The attackers posted a ransom note which says they also exfiltrated data that is “ready to leak in case we can not make a good deal.” OXFORD, United Kingdom, Sept. 21, 2021 (GLOBE NEWSWIRE) — Sophos, a global leader in next-generation cybersecurity, has published research, “Cring Ransomware Exploits Ancient ColdFusion Server,” describing a sophisticated attack the Cring ransomware operators mounted against a target after hacking a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software. The target used the server to collect timesheet and accounting data for payroll and to…

Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug

Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target’s network 79 hours after the hack. The server, which belonged to an unnamed services company, was used to collect timesheet and accounting data for payroll as well as to host a number of virtual machines, according to a report published by Sophos and shared with The Hacker News. The attacks originated from an internet address assigned to the Ukrainian ISP Green Floid. “Devices running vulnerable, outdated software are low-hanging-fruit for cyberattackers looking for an easy way into a target,” Sophos principal researcher Andrew Brandt said. “The surprising thing is…

Environmental Map Delay Spurs Worries of Slowing Equity Effort

Some environmental justice advocates are losing patience with White House efforts to launch a new screening tool that promises to pinpoint long-neglected and polluted communities, arguing that such vulnerable neighborhoods are well known. Many are so obvious that they have nicknames, such as Louisiana’s “Cancer Alley” or the “Diesel Death Zone”—a California community home to the Port of Los Angeles, multiple oil and asphalt refineries, and surrounded by three major freeways. “We already know these communities,” said Anthony Rogers Wright, the New York Lawyers for the Public Interest’s director of environmental justice. “This is not metaphysics, or calculus, or cold fusion—I think we’re over-complicating it,” he said, noting environmental justice screening tools…

Cring ransomware group exploits ancient ColdFusion server – Sophos News

In an attack recently investigated by Sophos, an unknown threat actor exploited an ancient-in-internet-years vulnerability in an 11-year-old installation of Adobe ColdFusion 9 to take control of the ColdFusion server remotely, then to execute ransomware known as Cring on the server, and against other machines on the target’s network. While several other machines were “bricked” by the ransomware, the server hosting ColdFusion was partially recoverable, and Sophos was able to pull evidence in the form of logs and files from the machine. The server running ColdFusion was running the Windows Server 2008 operating system, which Microsoft end-of-lifed in January, 2020. Adobe declared end-of-life for ColdFusion 9 in 2016. As a result, neither the operating system nor the ColdFusion…