
IT Security Newsletter - 03/11/2021

Breaches

FBI alert warns of Russian, Chinese use of deepfake content

U.S. officials have yet to find any signs that federal civilian agencies have been breached in recent widespread exploitation of Microsoft software, a senior Department of Homeland Security official told lawmakers Wednesday. The "vast majority" of civilian agencies have addressed vulnerabilities in the Exchange Server email software following an emergency directive from DHS's Cybersecurity and Infrastructure Security Agency (CISA), said Eric Goldstein.


Hacktivists breach Verkada and view 150,000 CCTV cams in hospitals, prisons, a Tesla factory, even Cloudflare HQ

A CCTV camera biz which left an admin account username and password exposed on the World Wide Web has, you guessed it, been targeted by hacktivists. Verkada, makers of internet-connected surveillance devices, had around 150,000 cameras and archive footage accessible through its web infrastructure when unauthorised folk went poking about. Those cameras belonged to a whole host of organisations, according to the Bloomberg financial newswire, including: Tesla, Cloudflare, hospitals, and more.

Hacking

There's a vexing mystery surrounding the 0-day attacks on Exchange servers

The Microsoft Exchange vulnerabilities that allow hackers to take over Microsoft Exchange servers are under attack by no fewer than 10 advanced hacking groups, six of which began exploiting them before Microsoft released a patch, researchers reported Wednesday. That raises a vexing mystery: how did so many separate threat actors have working exploits before the security flaws became publicly known? Researchers say that as many as 100,000 mail servers around the world have been compromised.


Norway parliament data stolen in Microsoft Exchange attack

Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. Last week, Microsoft released emergency security updates for Microsoft Exchange to fix zero-day vulnerabilities, known as ProxyLogon, used in attacks. These attacks were originally attributed to a China state-sponsored hacking group known as HAFNIUM who used the vulnerabilities to compromise servers.


Spanish labor agency suffers ransomware attack, union says

A ransomware attack has affected IT systems at a Spanish government agency that manages unemployment benefits, disrupting "hundreds of thousands" of appointments at the agency, a Spanish labor union said Tuesday. The cyberattack on Spain's State Public Employment Service (SEPE) affected the agency's offices around the country, forcing employees to use pen and paper to take appointments, according to the Central Independent Trade Union and Civil Servants.

Trends

Proposed Bill Would Allow Americans to Sue Foreign Cyber-Actors

A bill introduced in the House of Representatives this week could allow United States citizens to seek monetary damages if cyber-attacks by foreign threat actors harm them in any way. Referred to as the Homeland and Cyber Threat Act, or the HACT Act, the legislation is the reintroduced version of a bill initially introduced in August 2019. The bill was reintroduced by Reps. Jack Bergman (MI-01), Colin Allred (TX-32), Brian Fitzpatrick (PA-01), Jaime Herrera Beutler (WA-03), Joe Neguse (CO-02).

Malware

Chinese state hackers target Linux systems with new malware

Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. The RedXOR malware samples found by Intezer were uploaded to VirusTotal (1, 2) from Taiwan and Indonesia (known targets for Chinese state hackers) and have low detection rates. Based on command-and-control servers still being active, the Linux backdoor is being used in ongoing attacks.


Malware Operator Employs New Trick to Upload Its Dropper into Google Play

Check Point researchers recently discovered the Clast82 dropper hidden in nine legitimate Android utility apps. They found that the operator of a malware tool that breaks into mobile users' financial accounts was employing a novel method to sneak its malware into Google's official Android Play mobile app store. The method involved using Google's own Firebase platform for command-and-control (C2) communications.


Fake Ad Blocker Delivers Hybrid Cryptominer/Ransomware Infection

A hybrid Monero cryptominer and ransomware bug has hit 20,000 machines in 60 days. At its previous peak in February, the Monero Miner cryptocurrency ransominer was targeting more than 2,500 users a day, disguised as an antivirus installer. Now, the tricky hybrid malware is on the rise again, this time impersonating an ad blocker and OpenDNS service. In total, it has infected more than 20,000 users in less than two months, researchers at Kaspersky warned, in a report on Wednesday.

Information Security

Facial Recognition Company Sued by California Activists

Civil liberties activists are suing a company that provides facial recognition services to law enforcement agencies and private companies around the world, contending that Clearview AI illegally stockpiled data on 3 billion people without their knowledge or permission. The lawsuit, filed Tuesday in Alameda County Superior Court in the San Francisco Bay Area, contends that the New York-based firm violates California's constitution.


Tausight Raises $20M to Protect Healthcare Data

Patient data protection provider Tausight this week announced that it has raised $20 million in Series A funding. The new funding, Tausight says, will help expand the go-to-market team and invest in a healthcare-specific solution designed to identify security flaws in clinical workflows. The new funding round was co-led by existing investors Polaris Partners and Flare Capital Partners. New investor .406 Ventures also participated.

Exploits/Vulnerabilities

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims' companies. According to researchers, at least 2,500 such emails have been unsuccessfully sent to senior-level employees in the banking and IT sector, over the past three months.

Encryption

Europol 'unlocks' encrypted Sky ECC chat service to make arrests

European law enforcement authorities have made a large number of arrests following a joint operation involving the monitoring of organized crime communication channels after "unlocking" Sky ECC chat's encryption. Sky ECC is advertised as a secure messaging platform used by around 170,000 individuals worldwide. The service's US, Canadian, and European servers are being used to exchange over three million messages each day.


Belgian cops crack down on encrypted phone network Sky ECC in 200 overnight raids as firm denies criminal ties

A series of police raids in Belgium has resulted in the apparent shutdown of the Sky ECC encrypted mobile phone network. The Brussels Times reported that 1,500 police workers were sent on 200 overnight raids, mostly in the Antwerp area. "Information gained from those conversations is what led to Tuesday's historic operation, two years in the making," it stated. Police and prosecutors boasted of seizing 17 tonnes of cocaine and €1.2m during a post-raid press conference.

On This Date

  • ...in 1818, author Mary Wollstonecraft Shelley publishes "Frankenstein; Or, The Modern Prometheus", widely considered to be the first work of science fiction.
  • ...in 1985, Mikhail Gorbachev is elected as General Secretary of the Soviet Union, becoming the USSR's final head of state.
  • ...in 1997, former Beatle Paul McCartney is officially knighted by Queen Elizabeth II.
  • ...in 2020, the World Health Organization officially declares the COVID-19 outbreak as a pandemic.