The ThreatLocker team provides the latest stories to keep you and your customers updated on ransomware and other malicious cybersecurity threats. Here's what's new this week:
South Korea confirms data breach of nuclear research institute
The North Korean hacking group Kimsuky has been blamed for the recent breach of the South Korean state-run nuclear research institute. The group was able to access data of key technologies and nuclear research using a VPN vulnerability. The Korea Atomic Energy Research Institute is still investigating the attack to confirm what information has been accessed, but earlyreports from lawmakersindicate this could be the country's largest-ever security breach.
SMB suppliers with poor security create opportunity for attacks against larger partner companies
Cybersecurity vulnerabilities in small and medium-sized businesses working in the defense industry are creating vulnerabilities further up the supply chain. According to new data collected by researchers, over half of the defense company subcontractors they surveyed had severe vulnerabilities in their networks, including unpatched or unsupported software and unsecured ports. These security weaknesses in small suppliers give attackers an easy way into the supply chain to ultimately launch attacks against the much larger partner organizations.
Millions of Dell devices impacted by vulnerabilities
Four major Dell security vulnerabilities have been discovered by security researchers. The flaws identified range from allowing privileged remote attackers to impersonate Dell.com using the SupportAssist software, to threat actors being able to take control of code execution in BIOSConnect. This software comes preinstalled on most Dell devices, with roughly 30 million individual devices exposed to potential attacks. In response, Dell is currently working to provide updates for impacted systems and updates for the affected executables.