Killer Robots, ESXI, Lockbit, MoveIt, CISA, SEC, Texas, Aaran Leyland, & More – SWN #305
This week Dr. Doug talks: Killer Robots, ESXI, Lockbit, MoveIt, CISA, SEC, Texas, Aaran Leyland, and More on this edition of the Security Weekly News.
Hosts
Doug White
Professor at Roger Williams University
- 1. Chinese Cyberspies Caught Exploiting VMware ESXi Zero-Day
- 2. Feds arrest, charge Russian national in AZ for LockBit attacks
- 3. Progress Software rushes to patch another MOVEit SQL vulnerability
- 4. Exclusive: US government agencies hit in global cyberattack
- 5. SEC delays final rule on proposed four-day breach notification for public companies until October
- 6. CISA Order Highlights Persistent Risk at Network Edge – Krebs on Security
- 7. Texas will require parental consent for kids to use social media
- 8. Singapore to roll out more Robocops
Aaran Leyland
Cyber security lead EMEA at Defence
- 1. Chinese hackers use DNS-over-HTTPS for Linux malware communication
The Chinese threat group 'ChamelGang' infects Linux devices with a previously unknown implant named 'ChamelDoH,' allowing DNS-over-HTTPS communications with attackers' servers.
The particular threat actor was first documented back in September 2021 by Positive Technologies; however, the researchers only focused on the Windows toolkit.
A report published yesterday by Stairwell and shared with BleepingComputer describes a new Linux implant written in C++ that expands the threat actor's intrusion arsenal and, by extension, the attackers' indicators of compromise.