FBI shares AvosLocker ransomware technical details, defense tips

The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along with custom PowerShell and batch scripts.

In a joint cybersecurity advisory, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) also share a YARA rule for detecting malware in the guise of a legitimate network monitoring tool.

Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks

Lax policies for package naming on Microsoft’s PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks.

PowerShell Gallery is a Microsoft-run online repository of packages uploaded by the wider PowerShell community, hosting a large number of scripts and cmdlet modules for various purposes.

U.S. hunts Chinese malware that could disrupt American military operations

The Biden administration is hunting for malicious computer code it believes China has hidden deep inside the networks controlling power grids, communications systems and water supplies that feed military bases in the United States and around the world, according to American military, intelligence and national security officials.

The discovery of the malware has raised fears that Chinese hackers, probably working for the People’s Liberation Army, have inserted code designed to disrupt U.S. military operations in the event of a conflict, including if Beijing moves against Taiwan in coming years.

DOD Enters $13.8 Million Agreement to Expand Domestic Manufacturing to Strengthen U.S. Supply Chains

The Department of Defense’s Office of the Assistant Secretary of Defense for Industrial Base Policy (OASD(IBP)), through its Manufacturing Capability Expansion and Investment Prioritization (MCEIP) Directorate, announced it has entered a $13.8 million agreement with The Timken Company (Timken) to increase production of high-precision ball bearings at its facility in Keene, New Hampshire.

Iowa’s largest school district confirms ransomware attack, data theft

Des Moines Public Schools, Iowa’s largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023.

While the school district also received a ransom demand following the attack from an unnamed ransomware group, the ransom has not been paid.

Almost 6,700 individuals whose data was affected in the resulting data breach will be contacted this week with details regarding what personal information was exposed.
