Daixin Ransomware, Windows Zero-Day Threat, 6G Tech, Cybersecurity Insights – Ukraine War


October 2022

In this episode of GRXcerpts, we keep you updated on interesting and trending headlines in cybersecurity, including emerging threats, 6G technology and its impact on your attack surface, and insightful cybersecurity takeaways from the Ukraine War.

Emerging Threats: Daixin Ransomware

The ransomware group Daixin, which has been targeting the healthcare and public health sectors since June of this year, is now using VPN servers to gain access, then SSH and RDP to spread through networks. The FBI, Cybersecurity and Infrastructure Security Agency (CISA), and Department of Health and Human Services (HHS) are warning health providers to secure VPN services, enable multi-factor authentication, lock down RDP, turn off SSH, and secure wide area networks with strong passwords and encryption when enabled.

New Zero-Day Threat: Windows

Bleeping Computer reports that a new Windows zero-day allows threat actors to use malicious stand-alone JavaScript files to bypass Mark-of-the-Web security warnings. Mark-of-the-Web is a Windows security feature that flags a file as having been downloaded from the Internet, meaning it should be treated with caution because it could be malicious. However, threat actors have been modifying the Authenticode-signed file and including executables to bypass the Mark-of-the-Web security warning. Once the signature is corrupted, Windows does not check the file using SmartScreen and allows it to run. HP’s threat intelligence team recently reported that threat actors are infecting devices with Magniber ransomware, using the JavaScript files to bypass the warning window and deliver the malware.
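
A defender-side triage for the condition described above, added here as an example and not taken from the article, Bleeping Computer, or Microsoft: it lists downloaded script files that carry Mark-of-the-Web (which Windows stores in the file's Zone.Identifier alternate data stream on NTFS) and reports the state of each file's Authenticode signature. The scan root, the extension list, and the assumption that a corrupted signature surfaces as a status other than Valid or NotSigned are illustrative choices, not details from the report.

```powershell
# Added example: triage script files that carry Mark-of-the-Web (MotW).
# Assumptions: Windows, NTFS volume; $ScanRoot and the extension list are placeholders.
param(
    [string]$ScanRoot = "$env:USERPROFILE\Downloads"
)

$scriptExtensions = '.js', '.jse', '.vbs', '.wsf'

function Get-MarkOfTheWeb {
    param([string]$Path)
    # MotW is INI-style text in the Zone.Identifier stream, for example
    # "[ZoneTransfer]" followed by "ZoneId=3" (3 = Internet zone).
    $lines = Get-Content -LiteralPath $Path -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue
    if (-not $lines) { return $null }
    $mark = @{}
    foreach ($line in $lines) {
        if ($line -match '^\s*([^=\[\]]+?)\s*=\s*(.*)$') {
            $mark[$Matches[1]] = $Matches[2].Trim()
        }
    }
    return $mark
}

Get-ChildItem -LiteralPath $ScanRoot -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $scriptExtensions -contains $_.Extension.ToLowerInvariant() } |
    ForEach-Object {
        $mark = Get-MarkOfTheWeb -Path $_.FullName
        # Keep only files marked as Internet (3) or Restricted (4) zone.
        if (-not $mark -or $mark['ZoneId'] -notin '3', '4') { return }

        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        # A signature block that is present but does not validate is the
        # case to review first; unsigned files are reported separately.
        $finding = switch ($sig.Status) {
            'Valid'     { 'signed-valid' }
            'NotSigned' { 'unsigned' }
            default     { 'SIGNATURE-PRESENT-BUT-INVALID' }
        }
        [pscustomobject]@{
            File      = $_.FullName
            ZoneId    = $mark['ZoneId']
            HostUrl   = $mark['HostUrl']
            SigStatus = $sig.Status
            Finding   = $finding
        }
    }
```

Any row marked SIGNATURE-PRESENT-BUT-INVALID on a script file is worth reviewing before the file is opened.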

Technology Update: 6G

New technologies always bring new threats to light, and 6G technology is no exception. The next generation of cellular technology promises improvements in bandwidth utilization, data delivery and application enablement, as well as new ways for people to interact with their surroundings. But cybersecurity is also a focus of the new technology. Researchers are prioritizing 6G as a means to optimize cybersecurity in the Internet of Things and user data security. Additionally, they are looking into ways to better leverage machine learning and artificial intelligence to train cybersecurity systems and algorithms.

A word of caution, however: for cybersecurity teams, 6G also translates to an increase in the attack surface, as 6G technology is expected to accommodate up to 10 million IoT devices in the same area. These devices represent new attack vectors that unauthorized users can access to extract data. As security and risk professionals know all too well, every increase in connected devices has a corresponding increase in exposure to risk events. Beyond phones, devices under threat include health care equipment, industrial machines, computers, and the network infrastructure itself. As 6G advances, the research is focusing on preventing cyber crimes and combating threats inherent in the growing multi-vendor marketplace.

Cybersecurity Takeaways from the Ukraine War

The Ukraine war, now in its ninth month, caught the cybersecurity world by surprise. Still, Rob Joyce, director of the NSA Cybersecurity Directorate, shared an unexpected lesson learned, noting that sharing intelligence on cyberthreats with industry and critical infrastructure providers “can really make a big and decisive difference.” Joyce stressed the need for greater knowledge sharing, saying that despite the competitive nature of business, it’s necessary for everyone’s mutual benefit and safety. In his words, “we can share the insights about what we know without putting at risk how we know it.”

Sharing cybersecurity knowledge is a primary driver behind Cyber Risk Nation, a community of security and risk professionals. Launched by CyberGRX earlier this year, Cyber Risk Nation provides the platform for members to discuss the challenges of third-party risk in a crowdsourced environment. For more information on how you can join, go to our website at CyberGRX.com.

All information is current as of October 31, 2022.
