One of the harrowing images to come out of Wednesday's attack on the US Capitol was a photo posted by a rioter of an open laptop on a desk in US House Speaker Nancy Pelosi's office. The screen was visible and apparently unlocked, with a warning in a black box that read, "Capitol: Internet Security Threat: Police Activity." While it remains unclear whether the laptop allegedly stolen from Pelosi's office during the attack on the Capitol is the same one that was photographed in an unlocked state.
American technology company Ubiquiti this week revealed that one of its third-party cloud providers suffered a data breach. Founded in 2005, the New York City-based company manufactures wired and wireless data communication products for both corporate and home users, including routers, security cameras, network video recorders, and other Internet of Things devices. "We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider."
Security researchers on Monday linked the SolarWinds breach to a different set of suspected Russian hacking tools, finding commonalities between that attack and the methods of the Turla group. Moscow-based Kaspersky said the source code for Sunburst, one of the nicknames for the malware that attackers used in the SolarWinds hack, overlapped with the Kazuar backdoor that Turla has deployed in the past. The Turla group is known for stalking embassies and ministries of foreign affairs in Europe.
SolarWinds, the federal contractor at the center of a sweeping suspected Russian hacking campaign, on Monday identified malicious code the company says attackers used to manipulate its software and remain undetected for months. The code was designed to inject another piece of custom malicious software into Orion, the SolarWinds software used by numerous Fortune 500 companies and federal agencies, "without arousing the suspicion of our software development and build teams."
In recent years, researchers have used DNA to encode everything from an operating system to malware. Rather than being a technological curiosity, these efforts were serious attempts to take advantage of DNA's properties for long-term storage of data. DNA can remain chemically stable for hundreds of thousands of years, and we're unlikely to lose the technology to read it, something you can't say about things like ZIP drives and MO disks.
The AEVT decompiler helped researchers analyze a cryptominer campaign that used AppleScript for obfuscation and will help reverse engineers focused on other Mac OS malware. An effort to reverse-engineer malicious AppleScript has led to the creation of a tool to analyze run-only malware targeting the Mac operating system, undermining a common attacker approach to obfuscating code on the platform. Cybersecurity firm SentinelOne created the tool, known as the Apple Event (AEVT) decompiler.
Typeform, an online survey and form-building software-as-a-service provider, has patched an information hijacking vulnerability. The flaw, which existed in Typeform's Zendesk Sell app integration, could let attackers quietly redirect form submissions with potentially sensitive data to themselves. Typeform lets users create webpages for easy data collection from users. Every such form created on the platform has a unique "form ID," such as hHXhmf.
Romanian cybersecurity firm Bitdefender has released a free decryptor for the DarkSide ransomware to allow victims to recover their files without paying a ransom. DarkSide is a human-operated ransomware that has already earned millions in payouts since it started targeting enterprises in August 2020. The operation saw a spike in activity between October and December 2020, when the number of DarkSide sample submissions on the ID-Ransomware platform more than quadrupled.