Leading French cybersecurity company Stormshield disclosed that their systems were hacked, allowing a threat actor to access the company's support ticket system and steal source code for Stormshield Network Security firewall software. Stormshield is a French cybersecurity firm that develops UTM (Unified Threat Management) firewall devices, endpoint protection solutions, and secure file management solutions. READ MORE...
Someone calling themselves "biba99" on a popular criminal forum claimed on Jan. 5 to provide "non-malicious" software to help organizations identify "security issues." The author struggled to explain, in halting English, "why we are not … criminals" while assuring readers that the group would not hack hospitals or schools. A month later, the attacker behind what appeared to be a bumbling forum post is reportedly claiming responsibility for a ransomware attack. READ MORE...
Stormshield, a wholly-owned subsidiary of France-based cybersecurity company Airbus CyberSecurity, has disclosed a data breach that resulted in source code and customer information getting compromised. Stormshield provides network security, endpoint security and data security solutions. The company describes itself as a "European leader in digital infrastructure security" and claims to have a presence in more than 40 countries. READ MORE...
Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil, have announced that they suffered ransomware attacks over the past week. Both are state-controlled and key players in the country, with Copel being the largest in the state of Paraná, while Eletrobras is the largest power utility company in Latin America and also owns Eletronuclear, a subsidiary involved in the construction and operations of nuclear power plants. READ MORE...
Distributed denial-of-service attackers have seized on a new vector for amplifying the junk traffic they lob at targets to take them offline: end users or networks using the Plex Media Server. DDoS amplification is a technique that leverages the resources of an intermediary to increase the firepower of attacks. Rather than sending data directly to the server being targeted, machines participating in an attack first send the data to a third party in the form of a request for a certain service. READ MORE...
Facebook, TikTok and Twitter coordinated to banish hundreds of accounts on Thursday allegedly linked to OGUsers, a marketplace for hacked usernames that can fetch tens of thousands of dollars. Buyers use the simple, short usernames - such as @food - to obtain clout or make money. Facebook said it has cracked down on accounts affiliated with OGUsers before, but it is making its enforcement public in a bid to deter those who would harass or hack legitimate users to obtain those valuable accounts. READ MORE...
Microsoft released the February 2021 non-security Microsoft Office updates with improvements and fixes for issues and crashes impacting Windows Installer (MSI) editions of Office 2016, Office 2013, and Office 2010 products. Multiple updates (KB4493164, KB4493169, and KB4493179) have been released to address issues that may lead to a PowerPoint crash when opening documents containing diagrams. KB4493190 fixes another issue that causes Outlook reminders to behave unpredictably on systems. READ MORE...
The hacking group referred to as TeamTNT has been employing a new piece of malware in a recently started campaign targeting Kubernetes environments, security researchers with Palo Alto Networks' Unit 42 reveal. During the summer of 2020, TeamTNT was targeting Docker and Kubernetes systems with a crypto-mining worm capable of stealing local credentials, including Amazon Web Services (AWS) login details. READ MORE...
With access to some training data, Microsoft's red team recreated a machine-learning system and found sequences of requests that resulted in a denial-of-service. Mature companies should conduct red team attacks against their machine-learning systems to suss out their weaknesses and shore up their defenses, a Microsoft researcher told virtual attendees at the USENIX ENIGMA Conference this week. As part of the company's research into the impact of attacks on machine learning. READ MORE...
In a filing with the Securities and Exchange Commission (SEC) this week, North American trucking and freight transportation logistics giant Forward Air Corporation said a December 2020 ransomware attack had an impact on its fourth quarter financial results. For three decades, the Greeneville, Tennessee-based company has been providing ground transportation and related logistics services to the air freight and expedited less than load (LTL) market in North America. READ MORE...
Over 660 researchers from 62 countries collected rewards for reporting bugs in Chrome, Android, and other Google technologies. Google paid $6.7 million in reward money last year to security researchers from around the world who found vulnerabilities in Chrome, Android, and other Google technologies. The amount is the highest Google has paid out under its Vulnerability Research Program (VRP) since launching it in 2010. READ MORE...
Signal says it is introducing a connection method for the Android version of its app that can allow users in Iran to dodge their government's efforts to block message traffic. The announcement comes after users in Iran began reporting issues with connecting to the end-to-end encrypted chat application in January, following a crackdown by the government. In a blog post Thursday, Signal said users of the Android version will be able to download the update "in a few days." READ MORE...