Yearly Archives: 2021

Ransomware Patch or Perish: Attackers Exploit ColdFusion

Ransomware Patch or Perish: Attackers Exploit ColdFusion

Cring Ransomware Unleashed After Attackers Exploit Unpatched Flaw From 2009 Mathew J. Schwartz (euroinfosec) • September 27, 2021     Ransom note left by attackers wielding Cring ransomware (Source: Sophos) For battling ransomware, experts advise security teams to keep current on how attackers have been hacking their latest victims. In particular, they need to learn from attacks that target other organizations in their sector, and… Source link

Read More »

Local Electricity Provider and Offshore Wind Developers Hail New State Law – Redheaded Blackbelt

Local Electricity Provider and Offshore Wind Developers Hail New State Law – Redheaded Blackbelt

New legislation just signed into law on Thursday by Gov. Gavin Newsom will significantly advance the development of an offshore wind power industry on the West Coast, especially in Humboldt County, say developers of a proposed local project and the area’s Community Choice Aggregator (CCA). The legislation, AB 525, which was approved nearly unanimously by the California Legislature earlier this month, directs California state agencies to develop a strategic plan to facilitate the development of offshore wind on a large scale over the next two decades. California law states that, by 2045, 100 percent of electricity consumed in California must come from carbon-free sources. One study has suggested offshore wind has the potential to generate electricity in an amount equal to 150 percent… Source link

Read More »

Upcoming concerts in Alaska for the week of September 23-29 | Entertainment

Upcoming concerts in Alaska for the week of September 23-29 | Entertainment

    Thursday September 23rd           The Carousel Lounge – Live music w/ Matt & Co.  9p-12a Dirty Skillet (Hope) – Summer Thursdays with Hwy9  6p-9p Eddies Sport’s Bar – KBEAR Country Night with DJ Steve Franklin  8p-12a Flattop Pizza & Pool – Jukebox Karaoke Roadshow  9p-12a Floaters (Big Lake) – Karaoke with Steve   7:30p-11:30p Garcia’s Cantina & Café (Eagle River) – Jared Woods  8p-11p Humpys – Lisa Lisa & That Guy LIVE 8p-11:30p Koots – Lowroc.  10p-1:30a Mad Myrna’s – Thursdays with DJ Covy  10p-2a Van’s Dive Bar – Bluegrass Is Back w/ Todd Grebe 9p-12a Williwaw Social – Throwback Thursday with DJ Joe Brady… Source link

Read More »

Trend Micro Incorporated : Examining the Cring Ransomware Techniques

Trend Micro Incorporated : Examining the Cring Ransomware Techniques

The Cringransomwaremade headlines as the threat was used in an attack thatexploited a bugin the 11-year-old version of the Adobe ColdFusion 9 software. This has been the first recorded incident involving Cring operators’ use of the said vulnerability. Past Cring attacks either abused unsecure remote desktop protocol (RDP) or virtual private network (VPN)vulnerabilitiesto gain initial access. Ransom.Win32.CRING.Cis our detection name for the executable, whileRansom.MSIL.CRYNG.Ais the detection name that is used to detect C#-based samples for the same ransomware. In this entry, we look at the techniques typically employed by this ransomware, as well as the most affected regions and industries. The Cring ransomware… Source link

Read More »

Four Questions for Rick Riordan – Publishers Weekly

Four Questions for Rick Riordan – Publishers Weekly

By Michael M. Jones | After writing more than two dozen books inspired by Greek, Roman, Egyptian and Norse mythology, Rick Riordan heads into the ocean for his latest adventure. In Daughter of the Deep, he makes his first foray into science fiction with a contemporary reimagining of Jules Verne’s classic submarine-piloting antihero, Captain Nemo. The novel explores Nemo’s legacy through the experiences of his latest descendant, 14-year-old Ana Dakkar. PW spoke with Riordan about how this project represents a number of firsts for him. We also chatted briefly about the Rick Riordan Presents imprint, whose most recent releases include The Cursed Carnival: and Other Calamities, an anthology featuring all of the imprint’s authors so far; and the third… Source link

Read More »

Barracuda launches cloud-native SASE platform

Barracuda launches cloud-native SASE platform

COMPANY NEWS:  Cloud security solutions provider Barracuda Networks has launched a cloud-native SASE platform that it says enables businesses to control access to data from any device, anytime, anywhere. The platform brings together Secure SD-WAN, Firewall-as-a-Service, Zero Trust Network Access, and Secure Web Gateway technology from Barracuda to achieve SASE convergence. The Cloud-native SASE platform includes the releases of Barracuda CloudGen WAN and Barracuda CloudGen Firewall which the company says adds several security and network capabilities: Enables security services on customers’ cloud hubs, in addition to being able to run them directly on their site devices. Dramatically improves application performance with dynamic Forward Error Correction (FEC), extending… Source link

Read More »

Attackers use old Windows ColdFusion server to spread Cring ransomware

Attackers use old Windows ColdFusion server to spread Cring ransomware

Old sometimes is not gold, especially when it comes to ancient versions of ColdFusion running on versions of Windows that have reached their end-of-life, as the global security firm Sophos has demonstrated through its research into a server that was taken over by unknown actors using the Cring ransomware. Andrew Brandt, principal researcher at SophosLabs, said the recent findings — no time element was given — had shown that Adobe ColdFusion 9 — which is 11 years old — and Windows Server 2008 — which was declared end-of-life for the Web-application development platform in 2016 — were running on the server that served as an entry point. Several other machines were also hit with the same ransomware and made inaccessible, but the box running ColdFusion was partially… Source link

Read More »