Chrome and Edge Exploits, APC UPS Software Flaw, Apple Devices Targeted by RustBucket and More
StoneFly, Inc.
Lazarus Subgroup BlueNoroff Deploys RustBucket Malware on Apple Devices
BlueNoroff, a North Korean hacking group, is using a new macOS malware called RustBucket to steal sensitive data and deploy ransomware. The malware is disguised as an "Internal PDF Viewer" application, and once a file is opened, it executes malicious code, bypassing traditional security measures. The group uses job-themed lures to distribute the malware and retrieves a second-stage payload from a remote server.
Critical RCE Authentication Flaws Affect APC UPS Software
Critical RCE vulnerabilities in APC's online UPS monitoring software, called 'TLStorm', allow remote device access and control by hackers. The flaws (CVE-2023-29411, CVE-2023-29412, and CVE-2023-29413) can lead to code execution, cause DoS, and involve mishandled case sensitivity. The Easy UPS Online Monitoring Software v2.5-GA-01-22320 and earlier versions are affected on all Windows versions and on Windows Server 2016, 2019, and 2022. Users are advised to upgrade to V2.5-GS-01-23036 and disable "program" mode.
New Zero-Day Exploits Allow Remote Code Execution on Chrome and Edge
Google warns Chrome and Edge users to update their browsers as two zero-day exploits have been discovered. The CVE-2023-2033 and CVE-2023-2136 vulnerabilities could be exploited remotely and allow attackers to execute remote code and perform a sandbox escape. The former is a type confusion error, while the latter is an integer overflow in Skia.
Chinese Threat Group Gallium Uses PingPull and Sword2033 Malware for Espionage
The Chinese hacker group Gallium, also known as Alloy Taurus, is using two new variants of Linux malware, PingPull and Sword2033, to launch cyberespionage attacks in South Africa and Nepal. PingPull is a remote access trojan controlled by the attacker’s C2 server using different HTTP parameters, while Sword2033 is a backdoor that communicates with the same C2 server and can exfiltrate sensitive files for espionage.
How to Calculate and Improve Recovery Time and Point Objectives
Improve your recovery time and point objectives (RTPO) by calculating them accurately. This blog post shares insights on calculating RTPO and how to enhance it. The post discusses the importance of RTPO, how to calculate it, and measures to improve it. It also emphasizes the significance of a robust disaster recovery plan to ensure that businesses are not affected by unforeseen disruptions.
Point32Health Confirms Ransomware Attack, Service Disruption for Health Insurance Customers
Point32Health, a health insurer, has confirmed a ransomware attack on its IT systems, resulting in service disruption for customers. The attack targeted customer data, and the identity of the attackers and the ransomware used in the attack remain undisclosed. Law enforcement and cybersecurity experts have been notified of the incident.
98TB Immutable & Air-Gapped Veeam Backup & DR appliance with 10 Veeam Backup Essential licenses for $9,995
98TB Fully Air Gapped and Immutable Veeam Backup and DR appliance with 10 Veeam Backup Essentials Annual Subscription License for $9,995.
10th Gen, 8-bay 2U Rackmount unit with 7x14TB (98TB) Enterprise SAS drives, 10 core Storage Virtualization Engine, 32GB System Memory, 512GB NVMe SSD, Redundant Hot-Swappable Power Supply, 12Gb SAS Hardware RAID Controller, Dual 10Gb RJ-45 Ports, Fully Integrated SAN, NAS and optional S3 cloud storage.
All Enterprise Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.
For appliance specifications, demos, and quotes, contact us.