Blacksite's Intelligence Report - Thursday Edition for Week of May 3rd, 2022

The Blacksite Weekly Intelligence Report:

Thursday Edition

 Aged Vulnerabilities Present in AVAST and AVG Antivirus Discovered

 The flaws reside in a legitimate anti-rootkit kernel driver named aswArPot.sys and are said to have been introduced in Avast version 12.1, which was released in June 2016. The flaws could also be exploited as part of a second-stage browser attack or to perform a sandbox escape, leading to far-reaching consequences. Avast addressed the issues in version 22.1 of the software released on February 8, 2022; no evidence that these flaws were abused in the wild.

More information: https://www.sentinelone.com/labs/vulnerabilities-in-avast-and-avg-put-millions-at-risk/


Congestion Control Upgrade on Tor Network will Help with Speed Performance

 The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. The new system is up and running in the Tor protocol version 0.4.7, the latest stable release available since last week. The system implements three algorithms, namely Tor-Westwood, Tor-Vegas and Tor-NOLA, which collectively help reduce memory consumption and stabilize and minimize queue delay and latency. For the entire community to benefit from the improvements, exit relay operators will have to upgrade.

More information: https://blog.torproject.org/congestion-contrl-047/


Chinese APT41 Group IP Theft Undetected Since 2019

 Chinese hacking group known as 'Winnti' has been stealthily stealing intellectual property assets like patents, copyrights, trademarks, and other corporate data. Operation CuckooBees has been underway since at least 2019 and targeted technology and manufacturing firms in East Asia, Europe, and North America. The group is believed to be backed by the Chinese state and operates on behalf of its national interests. The financial losses incurred by the operation are hard to determine, but the figure should be on a scale that puts the operation among the most damaging cyber campaigns of the past years.

More information: https://www.cybereason.com/blog/operation-cuckoobees-cybereason-uncovers-massive-chinese-intellectual-property-theft-operation


SEC Expands Crypto Enforcement Unit to Fight Fraud

 The U.S. Securities and Exchange Commission is expanding its Cyber Unit. The unit will focus on cybersecurity issues, including fraud and fraud. The new unit will also focus on non-financial issues, such as fraud and theft of assets. The agency has already taken in more than $2 billion in fines and penalties for those who do not comply with the law, according to the agency. The team is also expected to take in at least $1 billion more in fines for fraud in the past five years.

More information: https://www.sec.gov/news/press-release/2022-78

 
 How Blacksite ZTNA Can Help Protect Your Business Against Cyber Threats

The first step in protecting your company against cyber threats is to make sure you have a solid cybersecurity plan. A cybersecurity plan helps you make sure that your company has the proper safeguards in place to protect your business. Expert security company Blacksite can help you with all your cybersecurity needs. At Blacksite we can help your company develop a cybersecurity plan that is tailored to your business needs. Blacksite implements the latest ZTNA technology to keep your business apps, data, and services safe from prying eyes and potential cybersecurity threats that you might experience in the future. Blacksite specializes in providing cybersecurity solutions in data protection, risk management, encryption, cyber security strategy, and cyber security education at an affordable price to accommodate your business whether it’s a small family owned to that of the size of a fortune 500.

 More information: https://blacksite.solutions/products

 Please contact us and we’ll be glad to assist you.

 Become invisible, become secure.