Euler Finance Hack, Lockbit Attacks LA Housing Authority, Winter Vivern Using Fake Anti-Virus Scanners, and More

CISA Adds Plex Vulnerability to Exploited List Following LastPass Breach

CISA added Plex Media Server vulnerability (CVE-2020-5741) to its flaw list. Attackers with admin access can execute arbitrary Python code remotely. LastPass breach likely used this. CISA also added VMware Cloud Foundation's CVE-2021-39144 to its exploited vulnerabilities list, urging organizations to patch. Read more

Euler Finance Hack Results in $197 Million Worth of Cryptocurrency Stolen

Euler Finance, a lending protocol, lost $197 million of digital assets in a flash loan attack. The attacker took $18.5M WBTC, $8.75M DAI, $33.85M USDC, and $135.8M stETH. The attackers use Tornado Cash, a sanctioned mixer, to launder the stolen funds. Researchers warn the exploit of flash loans and weakness in Euler's donation and liquidation system. Flawed logic enabled attackers to manipulate the conversion rate and profit from liquidation. Read more

LA Housing Authority Affected by Lockbit Ransomware

HACLA warns of LockBit ransomware cyber-incident, causing a data leak. Hackers accessed sensitive information from January to December 2022, including personal identification numbers, financial and medical data. Ransom demands were not met, and hackers threatened to publish all stolen files. HACLA advised affected individuals to monitor accounts, place fraud alerts, and report identity theft incidents. Read more

BianLian Ransomware Group Switches to Data Theft for Extortion

BianLian ransomware group now threatens to leak victim data for ransom instead of just encrypting it. Using its custom backdoor to remotely access devices, BianLian listed 118 victim organizations on its extortion portal, most being US-based firms. The group points out legal and regulatory risks that victims may face if breaches become public. Researchers say that the attackers are improving their extortion skills by analyzing legal risks of victims. Read more

Guide to Sizing Your Enterprise SAN Appliance for Optimal Storage

Is your enterprise storage optimized for performance and scalability? If not, you could be wasting valuable resources and missing out on potential growth. StoneFly's latest blog offers a comprehensive guide for IT managers and storage administrators on sizing enterprise SAN appliances for optimal storage. Learn how to identify the right storage capacity, calculate IOPS and throughput requirements, and ensure data redundancy and availability. With StoneFly's expert guidance, you can ensure your enterprise storage is meeting your needs and maximizing your investments. Read more

Winter Vivern APT Hackers Use Fake Antivirus Scanners to Install Aperetif Malware

Winter Vivern, a pro-Russian APT group, has been targeting European government organizations and telecommunication service providers in a cyberespionage campaign. They use fake web pages resembling government agencies to distribute malicious files. They employ Windows batch files to impersonate antivirus scanners to download malicious payloads using PowerShell. The Aperetif payload is capable of automatic file scanning and exfiltration, taking screenshots, and sending all data to a hardcoded command and control server URL. Read more

192TB Immutable & Air-Gapped Veeam Backup & DR Appliance with 20 Veeam Backup Essential Licenses for $15,995

192TB Fully Air Gapped and Immutable Veeam Backup and DR appliance with 20 Veeam Backup Essential Annual Subscription Licenses for $15,995.

10th Gen, 12-bay 2U Rackmount unit with 12x16TB (192TB) Enterprise SAS drives, 10 Core Storage Virtualization Engine, 32GB System Memory, 512GB NVMe SSD, Redundant Hot-Swappable Power Supply, 12Gb SAS Hardware RAID Controller, Dual 10Gb RJ-45 Ports, Fully Integrated SAN, NAS and optional S3 cloud storage.

All Enterprise Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.

For appliance demos, specifications, and quotes, contact us.?