The U.S. Cybersecurity and Infrastructure Agency (CISA) and the FBI have issued guidance for protecting critical infrastructure from ransomware, shedding some light on the DarkSide attack that crippled the Colonial Pipeline and left much of the East Coast facing an energy shortage.
The agencies didn’t name Colonial in the alert, referring only to a “pipeline company.” The company proactively disconnected operational technology (OT) systems upon discovering the attack, the alert said, noting that “there are no indications that the threat actor moved laterally to OT systems.”
Despite those efforts, the pipeline is expected to remain shuttered for days.
minute read
Share this article:
The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh attacks against North American targets.
The Lemon Duck cryptocurrency-mining botnet has added the ProxyLogon group of exploits to its bag of tricks, targeting Microsoft Exchange servers.
That’s according to researchers at Cisco Talos, who said that the cybercrime group behind Lemon Duck has also added the Cobalt Strike attack framework into its malware toolkit and has beefed up anti-detection capabilities. On the latter front, it’s using fake domains on East Asian top-level domains (TLDs) to hide command-and-control (C2) infrastructure.
Cyberattacks targeting Active Directory (AD) are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD to introduce or propagate malware. In this April roundup, the Semperis Research Team highlights identity-related cyberattacks, including ransomware attacks on UK-based education charity Harris Federation and . The post Identity Attack Watch: April 2021 appeared first on Semperis.
Tech
your username
7 hours ago
On Tuesday, Interactive Graphic Solutions LLC filed a complaint in the Western District of Texas against Microsoft Corporation alleging that Microsoft infringed some of its patents relating to graphic displays and processing.
The patents-in-suit are United States Patent Nos. 7,916,147 (the ’147 patent); 8,081,192 (the ’192 patent); 8,203,568 (the ’568 patent); 8,466,922 (the ’922 patent); 9,113,146 (the ’146 patent); 9,117,285 (the ’285 patent); 9,424,621 (the ’621 patent); and 9,852,490 (the ’490 patent). Most of the patents-in-suit are entitled, “Centralised Interactive Graphical Application Server” and one is entitled, “Sharing a graphical processing unit between a plurality of programs.”
According to the complaint, Microsoft “makes, uses, sells, offers to sell, and/or imports” products or systems that allegedly infringe the patents-in-suit. Reportedly, these infringing products include “its Operating Systems with R