SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: WastedLocker adding new techniques, makes headlines
Description: The WastedLocker ransomware is now using the Windows memory management feature to evade detection. This malware has made headlines recently for its expanded use, and has even potentially been linked to a recent cyber attack on GPS service provider Garmin. WastedLocker now has the ability to disguise its actions and bypass any ransomware protections that are already deployed on a victim machine.
Snort SIDs: 54685 - 54692
Title: Microsoft fixes vulnerabilities in Azure Sphere
Description: Cisco Talos researchers recently discovered seven vulnerabilities in Microsoft's Azure Sphere, a cloud-connected SoC platform designed specifically with IoT application security in mind. The infrastructure around the Azure Sphere platform is Microsoft's Azure Sphere cloud, which takes care of secure updates, app deployment, and periodically verifying the device integrity. Internally, the SoC is made up of a set of several ARM cores that have different roles. The researchers discovered two chainable vulnerabilities within Azure Sphere that, assuming an attacker could flash a malicious application, would allow for arbitrary writing to anywhere in the /mnt/config partition, resulting in further privilege escalation.
Snort SIDs: 54501 - 53504