U.S. officials have yet to find any signs that federal civilian agencies have been breached in recent widespread exploitation of Microsoft software, a senior Department of Homeland Security official told lawmakers Wednesday. The "vast majority" of civilian agencies have addressed vulnerabilities in the Exchange Server email software following an emergency directive from DHS's Cybersecurity and Infrastructure Security Agency (CISA), said Eric Goldstein.
A CCTV camera biz which left an admin account username and password exposed on the World Wide Web has, you guessed it, been targeted by hacktivists. Verkada, makers of internet-connected surveillance devices, had around 150,000 cameras and archive footage accessible through its web infrastructure when unauthorised folk went poking about. Those cameras belonged to a whole host of organisations, according to the Bloomberg financial newswire, including: Tesla, Cloudflare, hospitals, and more.
The Microsoft Exchange vulnerabilities that allow hackers to take over Microsoft Exchange servers are under attack by no fewer than 10 advanced hacking groups, six of which began exploiting them before Microsoft released a patch, researchers reported Wednesday. That raises a vexing mystery: how did so many separate threat actors have working exploits before the security flaws became publicly known? Researchers say that as many as 100,000 mail servers around the world have been compromised.
Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. Last week, Microsoft released emergency security updates for Microsoft Exchange to fix zero-day vulnerabilities, known as ProxyLogon, used in attacks. These attacks were originally attributed to a China state-sponsored hacking group known as HAFNIUM who used the vulnerabilities to compromise servers.
A ransomware attack has affected IT systems at a Spanish government agency that manages unemployment benefits, disrupting "hundreds of thousands" of appointments at the agency, a Spanish labor union said Tuesday. The cyberattack on Spain's State Public Employment Service (SEPE) affected the agency's offices around the country, forcing employees to use pen and paper to take appointments, according to the Central Independent Trade Union and Civil Servants.
A bill introduced in the House of Representatives this week could allow United States citizens to seek monetary damages if cyber-attacks by foreign threat actors harm them in any way. Referred to as the Homeland and Cyber Threat Act, or the HACT Act, the legislation is the reintroduced version of a bill initially introduced in August 2019. The bill was reintroduced by Reps. Jack Bergman (MI-01), Colin Allred (TX-32), Brian Fitzpatrick (PA-01), Jaime Herrera Beutler (WA-03), and Joe Neguse (CO-02).
Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. The RedXOR malware samples found by Intezer were uploaded to VirusTotal from Taiwan and Indonesia (known targets for Chinese state hackers) and have low detection rates. Based on command-and-control servers still being active, the Linux backdoor is being used in ongoing attacks.
Check Point researchers recently discovered the Clast82 dropper hidden in nine legitimate Android utility apps. They found that the operator of a malware tool that breaks into mobile users' financial accounts was employing a novel method to sneak its malware into Google's official Android Play mobile app store. The method involved using Google's own Firebase platform for command-and-control (C2) communications.
A hybrid Monero cryptominer and ransomware bug has hit 20,000 machines in 60 days. At its previous peak in February, the Monero Miner cryptocurrency ransominer was targeting more than 2,500 users a day, disguised as an antivirus installer. Now, the tricky hybrid malware is on the rise again, this time impersonating an ad blocker and OpenDNS service. In total, it has infected more than 20,000 users in less than two months, researchers at Kaspersky warned, in a report on Wednesday.
Civil liberties activists are suing a company that provides facial recognition services to law enforcement agencies and private companies around the world, contending that Clearview AI illegally stockpiled data on 3 billion people without their knowledge or permission. The lawsuit, filed Tuesday in Alameda County Superior Court in the San Francisco Bay Area, contends that the New York-based firm violates California's constitution.
Patient data protection provider Tausight this week announced that it has raised $20 million in Series A funding. The new funding, Tausight says, will help expand the go-to-market team and invest in a healthcare-specific solution designed to identify security flaws in clinical workflows. The new funding round was co-led by existing investors Polaris Partners and Flare Capital Partners. New investor .406 Ventures also participated.
Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims' companies. According to researchers, at least 2,500 such emails have been unsuccessfully sent to senior-level employees in the banking and IT sector, over the past three months.
European law enforcement authorities have made a large number of arrests following a joint operation that monitored organized crime communication channels after "unlocking" Sky ECC chat's encryption. Sky ECC is advertised as a secure messaging platform used by around 170,000 individuals worldwide. The service's US, Canadian, and European servers are being used to exchange over three million messages each day.
A series of police raids in Belgium have resulted in the apparent shutdown of the Sky ECC encrypted mobile phone network. The Brussels Times reported that 1,500 police workers were sent on 200 overnight raids, mostly in the Antwerp area. "Information gained from those conversations is what led to Tuesday's historic operation, two years in the making," it stated. Police and prosecutors boasted of seizing 17 tonnes of cocaine and €1.2m during a post-raid press conference.