Post-Riot, the Capitol Hill IT Staff Faces a Security Mess
https://www.wired.com/story/capitol-riot-security-congress-trump-mob-clean-up/
|
Post-Riot, the Capitol Hill IT Staff Faces a Security Mess In the aftermath of destructive riots that trashed the United States Capitol on Wednesday, the nation is grappling with questions about the stability and trajectory of US democracy. But inside the ... |
---
Security News This Week: ‘Bulletproof’ Criminal VPN Taken Down in Global Sting
https://www.wired.com/story/security-news-bulletproof-criminal-vpn-taken-down/
|
A ‘Bulletproof’ Criminal VPN Was Taken Down in a Global Sting | WIRED As 2020 comes to a close, it is perhaps only fitting that the US government and private sector are both scrambling to grasp and mitigate the fallout of a massive hacking spree widely attributed to ... |
---
Stopping Serial Killer: Catching the Next Strike
https://research.checkpoint.com/2021/stopping-serial-killer-catching-the-next-strike/
|
Stopping Serial Killer: Catching the Next Strike - Check Point Research Brief When we look at a prevalent malware family, we give credit to its authors regarding the established malicious infrastructure. New malicious activity is flowing smoothly, command-and-control servers appear, everything works like a Swiss watch. Are there any weak points in such a construction? To answer this question we may think about a race car. It’s... research.checkpoint.com |
---
FBI alert warns private organizations of Egregor ransomware attacks
https://securityaffairs.co/wordpress/113151/breaking-news/fbi-alert-egregor-ransomware.html
|
FBI alert warns private orgs of Egregor ransomware attacks--Security Affairs The US FBI has issued a Private Industry Notification (PIN) to warn private organizations of Egregor ransomware attacks. The Egregor ransomware first appeared on the threat landscape in September 2020, since then the gang claimed to […] securityaffairs.co |
---
SolarWinds hackers had access to roughly 3% of US DOJ O365 mailboxes
https://securityaffairs.co/wordpress/113108/data-breach/solarwinds-hackers-o365-mailboxes.html
|
SolarWinds hackers had access to roughly 3% of US DOJ O365 mailboxes--Security Affairs The US DoJ revealed that threat actors behind the SolarWinds attack have gained access to roughly 3% of the department’s O365 mailboxes.
The US Department of Justice (DoJ) published a press release to confirm that the threat actors behind the SolarWinds supply chain attack were able to access thousands of mailboxes of its employees. “On […] securityaffairs.co |
---
JetBrains denies involvement in the SolarWinds supply-chain hack
|
JetBrains denies involvement in the SolarWinds supply-chain hack JetBrains' CEO, Maxim Shafirov, denied reports from multiple news outlets that the company played a role in the SolarWinds supply chain attack. The privately-held software vendor was founded in ... |
---
Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack
https://securityaffairs.co/wordpress/113076/hacking/cve-2020-29583-zyxel-under-attack.html
|
Recently disclosed CVE-2020-29583 Zyxel flaw already under attack--Security Affairs Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn.
The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The vulnerability received a CVSS score of 7.8, it could be ... securityaffairs.co |
---
Healthcare organizations faced a 45% increase in attacks since November
https://securityaffairs.co/wordpress/113038/hacking/healthcare-industry-attacks.html
|
Healthcare organizations faced a 45% increase in attacks since November--Security Affairs Check Point researchers reported a surge in the number of attacks against organizations in the healthcare industry, 45% since November. This is more than double the overall increase observed by the experts […] securityaffairs.co |
---
New alleged MuddyWater attack downloads a PowerShell script from GitHub
https://securityaffairs.co/wordpress/112972/hacking/muddywater-attack-github-imgur.html
|
Alleged MuddyWater attack downloads a PowerShell script from GitHub--Security Affairs A security expert discovered a new piece of malware that uses weaponized Word documents to download a PowerShell script from GitHub. This PowerShell script is also used by threat actors to download a legitimate image file from image hosting […] securityaffairs.co |
---
Adversary Infrastructure Report 2020: A Defender’s View
https://www.recordedfuture.com/2020-adversary-infrastructure-report/
---
Ezuri memory loader used in Linux and Windows malware
https://securityaffairs.co/wordpress/113160/malware/ezuri-loader-linux-attacks.html
Ezuri memory loader used in Linux and Windows malware--Security Affairs According to researchers from AT&T’s Alien Labs, malware authors are choosing the Ezuri memory loader for their malicious code. The Ezuri memory loader tool allows loading and executing a payload directly into […] securityaffairs.co |
---
Ryuk ransomware operations already made over $150M
https://securityaffairs.co/wordpress/113142/cyber-crime/ryuk-ransomware-earnings.html
Ryuk ransomware operations already made over $150M--Security Affairs The Ryuk ransomware had a disruptive impact on multiple industries around the world, operators already earned more than $150 million. The Ryuk ransomware gang is one of the most prolific criminal operations that caused destruction in multiple industries around the world. According to a joint report published by security firms Advanced-intel and HYAS, Ryuk operators […] securityaffairs.co |
---
Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack
https://securityaffairs.co/wordpress/113129/hacking/fortinet-fortiweb-waf-flaws.html
Flaws in Fortinet FortiWeb WAF could allow corporate networks to hack--Security Affairs Andrey Medov, a security researcher at Positive Technologies, found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could be exploited by attackers to hack into corporate networks. The flaws, tracked ... securityaffairs.co |
---
Google fixed a critical Remote Code Execution flaw in Android
https://securityaffairs.co/wordpress/113095/security/google-android-rce.html
Google fixed a critical Remote Code Execution flaw in Android--Security Affairs “The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process.” reads Google’s January Android security bulletin. The bulletin also fixed a critical DoS vulnerability, tracked as CVE-2021-0313, that affects the ... securityaffairs.co |
---
New ElectroRAT employed in a wide-ranging operation targeting cryptocurrency users
https://securityaffairs.co/wordpress/113064/malware/electrorat-campaign.html
ElectroRAT employed in a wide-ranging op against cryptocurrency users--Security Affairs Security researchers from Intezer uncovered a large-scale operation targeting cryptocurrency users with a previously undetected RAT named ElectroRAT. The campaign was uncovered in December, but according to the experts has been active since at least January ... securityaffairs.co |
---
Analyzing Cobalt Strike for Fun and Profit
https://www.randhome.io/blog/2020/12/20/analyzing-cobalt-strike-for-fun-and-profit/
Analyzing Cobalt Strike for Fun and Profit Analyzing Cobalt Strike for Fun and Profit 20 Dec 2020 · 10 minutes read . I am not sure what happened this year but it seems that Cobalt Strike is now the most used malware around the world, from APT41 to APT32, even the last SolarWinds supply chain attack involved Cobalt Strike. Without relaunching the heated debate on publishing offensive tools, this blog post intends to summarize what an ... |
---
Babuk Locker is the first new enterprise ransomware of 2021
Babuk Locker is the first new enterprise ransomware of 2021 It's a new year, and with it comes a new ransomware called Babuk Locker that targets corporate victims in human-operated attacks. Babuk Locker is a new ransomware operation that launched at the ... |
---
T-Mobile says hackers accessed some customer call records in data breach
https://techcrunch.com/2021/01/03/t-mobile-call-records-data-breach/
T-Mobile says hackers accessed some customer call records in data breach – TechCrunch T-Mobile, the third-largest cell carrier in the U.S. after completing its recent $26 billion merger with Sprint, ended 2020 by announcing its second data breach of the year. The cell giant said in ... techcrunch.com |
---
Over 500,000 credentials for tens of gaming firm available in the Dark Web
https://securityaffairs.co/wordpress/113026/deep-web/gaming-industry-under-attack.html
Over 500,000 credentials for tens of gaming firm available in the Dark Web--Security Affairs The gaming industry is under attack: over 500,000 credentials for the top two dozen leading gaming firms, including Ubisoft, leaked online. The gaming industry is a privileged target for threat actors; threat actors leaked online over 500,000 stolen credentials belonging to the top 25 gaming firms. The alarm was raised by the threat intelligence firm Kela […] securityaffairs.co |
---
Apex Laboratory disclose data breach after a ransomware attack
https://securityaffairs.co/wordpress/112994/malware/apex-laboratory-ransomware-attack.html
Apex Laboratory disclose data breach after a ransomware attack--Security Affairs At-home laboratory services provider Apex Laboratory discloses a ransomware attack and consequent data breach. Apex Laboratory, Inc. is a clinical laboratory that has been providing home laboratory services to homebound and Nursing Home patients in the NY Metropolitan Area for over 20 years. The at-home laboratory services provider Apex Laboratory disclosed a ransomware attack, the […] securityaffairs.co |
---
Over 200 million records of Chinese Citizens for Sale on the Darkweb
https://securityaffairs.co/wordpress/112966/deep-web/chinese-citizens-data-darkweb.html
Over 200 million records of Chinese Citizens for Sale on the Darkweb--Security Affairs During routine dark web monitoring, the research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens. Data might have been stolen from […] securityaffairs.co |
---
Vodafone's ho. Mobile admits data breach, 2.5m users impacted
Vodafone's ho. Mobile admits data breach, 2.5m users impacted Vodafone Group's low-cost operator ho. Mobile announced that hackers stole part of its customer database thus obtaining personal user information and SIM technical data. |
---
Top data breaches of 2020 – Security Affairs
https://securityaffairs.co/wordpress/112954/data-breach/top-10-data-breaches-2020.html
Top data breaches of 2020 – Security Affairs Data from major cyber security firms revealed that tens of billions of records were exposed in data breaches in 2020. Below is a list of top incidents: There were a number of major data breaches that took place in 2020; in many cases stolen records flooded the cybercrime underground and were used in credential stuffing attacks. Below […] securityaffairs.co |
---
Russian Hacker Sentenced To 12 Years In Prison For Involvement In Massive Network Intrusions.
---
Former employee of medical packaging company sentenced to federal prison for disrupting PPE shipments
|
Christopher Dobbins has been sentenced to federal prison for hacking his former employer and sabotaging their electronic shipping records, causing more than $200,000 in damage and delaying the shipment of personal protective equipment (“PPE”) during the COVID-19 pandemic. |