Blogs and Latest News

Vulnerability Summary Reports by Cybernetic GI – Aug 2021

Cybernetic GI Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) /...

Continue Reading  

TOP Routinely Exploited Vulnerabilities (AA21-209A)

Background Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide. However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their...

Continue Reading  

CWE Top 25 Most Dangerous Software Weaknesses, 2021

Cybernetic GI Security Bulletin provides a summary of CWE Top 25 Most Dangerous Software Weaknesses in 2021. Entries may include additional information provided by organizations. This data may include identifying information, values, definitions, and related links. The patch information is...

Continue Reading  

Kaseya Ransomware Attack- 2

In the previous installation, we delved into the history of the primary victim, Kaseya and the bad actors, REvil. From previous exploits to the final and most devastating one, REvil is and will continue to be a force to reckon...

Continue Reading  

Kaseya Ransomware Attack – 1

In 2019, Cybernetic Global Intelligence had warned about REvil. Refer to our previous blog on GandCrab ransomware: Is it back under a new REvil guise? The fourth of July celebrations in America this year were slightly different for around 1500 organizations...

Continue Reading  

Head in the Clouds: Aussie Businesses Experiencing Rise in Serious Data Breaches

From 22 February 2018, it became a requirement for certain data breaches, known as “eligible data breaches”, to be notified to the Australian Privacy Commissioner and affected individuals. Previously, it was not mandatory to supply notification of data breaches. A...

Continue Reading  

Infamous Ransom Hacker Gang REvil/Sodin Claim Responsibility for Cyber Attack Against UnitingCare.

Hackers declaring culpability for a cyber-attack on care provider UnitingCare Queensland have been confirmed as one of the largest and far-reaching cyber ransom groups in the world. Hospitals in Australia and New Zealand have fallen victim to a huge cyber...

Continue Reading  

Cyber Security Breaches in Cloud Computing

Cloud computing has been adopted by almost every organization due to its various benefits and work flexibility. However, with this adoption of the cloud, certain cybersecurity issues have been observed in cloud computing. Approximately 94% of organizations are moderate to...

Continue Reading  

Updated PCI DSS v4.0 Timeline

To follow up on an earlier communication, PCI SSC is now targeting a Q1 2022 publication date for PCI DSS v4.0. This timeline supports the inclusion of an additional request for comments (RFC) for the community to provide feedback on the...

Continue Reading  

APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity (MI-000148-MW)

The FBI is continuing to warn about Advanced Persistent Threat (APT) actors exploiting Fortinet vulnerabilities. As of at least May 2021, an APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a...

Continue Reading