CyberSecurity Knuggets

Feb 21, 2024

Recently, there has been a global law enforcement operation targeting the LockBit ransomware gang, leading to the seizure of multiple darknet domains and the arrest of two alleged members in Poland and Ukraine. The UK’s National Crime Agency has taken control of the technical infrastructure of LockBit, while the US Department of Justice has unsealed indictments against two Russian nationals for their involvement in LockBit attacks. This operation also resulted in the seizure of servers and cryptocurrency accounts tied to the gang. Additionally, decryption tools have been released to help recover files encrypted by LockBit.

There is also a critical zero-day vulnerability that could impact up to 97,000 Microsoft Exchange servers, posing a significant cybersecurity risk. Organizations using these servers need to take immediate action to mitigate this threat.

Furthermore, researchers at Varonis have identified high- and critical-severity vulnerabilities and misconfigurations affecting Apex, the programming language used by Salesforce instances. Exploiting these vulnerabilities can lead to data leakage, data corruption, and damage to business functions in Salesforce. Organizations using Salesforce instances should prioritize addressing these vulnerabilities to prevent potential exploitation.

In summary, the disruption of the LockBit ransomware gang and the zero-day vulnerability affecting Microsoft Exchange servers are critical cybersecurity issues that require immediate attention and action to mitigate the associated risks. Additionally, organizations using Salesforce instances should prioritize addressing the vulnerabilities and misconfigurations affecting Apex to prevent potential data breaches and disruptions to business operations.

Stay Well!