From The Blog

The same ransomware gang that hit MSI recently also appears to have hit pharmacy services provider PharMerica and stolen information on 5.8 million patients. The data that was exfiltrated as part of the attack includes social security numbers, full name and address, health insurance, medications, and date of birth. PharMerica disclosed the breach to the Maine Attorney General on March 12th, 2023.

There is a new player in the ransomware space. Dubbed RA Group, this new organization appears to have had its grand opening last month (April 2023). RA Group published a data leak site on the dark web as part of the now all too familiar double extortion scheme that most ransomware brings to the table. RA Group is also one of the organizations that has leveraged the Babuk source code leak to get things going, as reported by Cisco Talos.

Two new variants of Cobalt Strike written in Google’s Golang have popped up on the wild internet. According to SentinelOne, this new flavor is set up to target macOS systems. They have also noted that this new beacon (called Geacon) has been popping up on malware review sites like VirusTotal in the past few months. The new detections could be part of red-teaming exercises, but the increase seems to indicate that real-world malicious activity is also part of the surge in detections.

Cybersecurity firm OTORIO has announced several new vulnerabilities in cloud management platforms at Black Hat Asia 2023. The Israeli company named three industrial cellular providers with a total of eleven vulnerabilities which could allow for complete compromise of operational technology devices. These three providers represent a very large number of OT and IIoT (Industrial Internet of Things) devices, making them a serious concern.

Game reviews are always fun things to do. I mean, it is playing a game and then writing about anything you found while playing it (sounds like fun). The challenge comes from being objective in your writing vs. subjective. Something that I might personally dislike in a game might be the thing that makes a game fun for someone else. It is with that in mind that we bring you our first game review in years. We will be breaking the game down into a couple of areas, objective and subjective findings. So, let’s kick this off with the fun part, the subjective part.

The popular socialization platform, Discord, is alerting users to a data breach that occurred due to the compromise of a support agent account. The breach appears to be limited in scope to the ticket queue that the third-party agent was responsible for. The ticket queue contained email addresses, attachments and all messages that might have been exchanged during ticket resolution with this agent.

The UK’s CMA (Competition and Markets Authority) has added new restrictions on Microsoft and Activision Blizzard after already issuing a formal anti-trust warning over the deal back in January. Now the regulator has issued additional orders that prevent either party from “acquiring an interest” in each other without written permission from the CMA.

After a leak of Babuk ransomware source code in late 2021, researchers have identified 9 separate new strains that are intended to target VMware ESXi. The new variants first started showing up in the second half of 2022. As with ransomware as a service, having leaked source code allows less sophisticated attack groups to utilize the work of others to their advantage. In this case, the target is the Linux-based ESXi. ESXi is a great target as it allows for the encryption of infrastructure and prevents the rapid restoration of systems, since the infrastructure those servers run on is what has been affected.

After Phil Spencer’s recent comments on why Microsoft can’t beat Sony or Nintendo via “normal methods”, we started to wonder why he would make this kind of statement. So, with our usual OCD, we dove into some of the things that are happening at both Microsoft and Microsoft Gaming. Microsoft has been in an interesting spot, and not for the first time. They seem to get into this spot where they are in between strategic and tactical projects. In this “down” time we tend to see them look to shore up documentation, investigate acquisitions to expand their reach, and start to plan for their next conquest.

Microsoft’s Patch Tuesday for May included a fix for a flaw that was created by another patch back in March 2023. The March patch was meant to fix vulnerability CVE-2023-23397, which was a known exploited critical vulnerability in Microsoft Outlook’s MapUrlToZone security measure. It was allegedly abused by Russia-based threat actors since April 2022. The new flaw is a bypass for the fix put in place in March.