Cybersecurity Briefing: Key Events of September 22, 2021
# Lead Story: REvil Ransomware Resurgence
The notorious REvil ransomware group has made a formidable comeback after a brief hiatus, launching attacks on new victims and republishing stolen data. This resurgence comes in the wake of increased law enforcement scrutiny that had previously forced the group into hiding. Organizations are urged to bolster their defenses against potential REvil attacks as the threat landscape continues to evolve and adapt to security measures.
# Secondary Items:
Olympus Medical Tech Breach
Olympus reported a potential cybersecurity incident suspected to be a ransomware attack linked to the BlackMatter group. The breach affected IT systems primarily in the EMEA region, raising concerns about the integrity of sensitive medical data and the operational capabilities of the company in the wake of the attack.
Microsoft’s VBA Vulnerability (CVE-2021-40444)
Microsoft has issued a warning regarding a critical zero-day vulnerability in its MSHTML component, identified as CVE-2021-40444. This flaw allows attackers to execute arbitrary code through malicious documents and poses a significant risk until a patch is released. Organizations are advised to implement defensive measures to mitigate exploitation risks.
Apple’s Zero-Click Exploit
Apple has addressed a severe vulnerability that enables unauthorized access to devices via a zero-click exploit, notably used by the NSO Group's Pegasus spyware. This exploit allows attackers to compromise devices without any user interaction, putting user privacy and security at risk. Apple users should update their devices to ensure protection against this threat.
# Analyst Perspective
The events of September 22, 2021, underscore the relentless nature of cybersecurity threats. With a 17% increase in data breaches reported in 2021 compared to the previous year, organizations must remain vigilant. The resurgence of groups like REvil and the emergence of critical vulnerabilities like CVE-2021-40444 highlight the importance of proactive security measures. As cybercriminals continue to refine their tactics, the need for robust defenses and rapid response capabilities has never been more critical.