Search This Blog

Powered by Blogger.

Blog Archive

Labels

Latest in CyberSecurity today : Maze Ransomware call it quits

Latest Update in what happened in CyberSecurity today and this week : Maze says goodbye, New security updates for Oracle, Adobe and Chrome and more.

 

The operators of the infamous Maze Ransomware has said a bitter (for some a very sweet) goodbye. Maze Ransomware incepted the "double squeeze" strategy of releasing the deleted data to add additional pressure on the ransom. But, recently a press release on their website appeared in broken English stating the Maze Team is “officially closed.” It further says “the Maze cartel never existed and is not existing now. It can be found only inside the heads of the journalists who wrote about it.” The message seems to give the impression that the malware group spoke for free voice and journalism in cybersecurity but their victims do sing an opposite ballet- that Maze operated for money and money only.

 Security researchers are unsure if this is a real fact or a fluke to change their strategy. Still, Maze is just one needle in a haystack, there are plenty of other Ransomwares and malware and organizations need to remain cautious. 

 Other Security Updates:

- For Oracle users, there are two security updates released this October that you should install as soon as possible- one for their WebLogic Server and another for one of their IT administrative vulnerabilities. According to the security firm FireEye, a particular hacker is looking to exploit this vulnerability and is very good at hacking his way from one organization to another. 

- Adobe has rolled out a security update for Acrobat and Acrobat Reader, users must install these releases as hackers often use Acrobat docs to release malware. 

- Googles issues a new fix for Chrome Browser.

- It is very important for organizations to be careful while storing databases online and using a very good, new, and updated password protection algorithm, which organizations usually look over similar to what happened to a forum of Cannabis growers called "GrowDiaries". Their passwords were protected by a technique called hashing that uses an outdated algorithm called MSD. And thus, security researcher Bob Diachenko could easily discover an unprotected database with usernames, email addresses, and account passwords of a million GrowDiaries users. This just reaffirms the lesson that online database should be very carefully protected.
Share it: