Email security company Mimecast on Tuesday said it completed its forensic investigation into the impact of the SolarWinds supply chain attack, and revealed that the threat actor managed to steal some source code. Mimecast was one of the several cybersecurity companies to confirm being targeted by the hackers who breached the systems of IT management solutions provider SolarWinds. READ MORE...
A Florida teenager has admitted to orchestrating the hijacking of celebrity Twitter accounts last year as part of a plea deal that will see him serve three years in a juvenile facility, prosecutors said Tuesday. Graham Ivan Clark, 18, admitted to being behind a scheme that saw him steal more than $117,000 by taking over the Twitter accounts of numerous public figures and then blasted out tweets promoting cryptocurrency, according to prosecutors in Hillsborough County, Fla. READ MORE...
A Florida high-school student faces jail time for rigging her school's Homecoming Queen election. A 17-year-old high school senior along with her mother, Laura Rose Carroll, were arrested this week, charged with accessing student records in a fraudulent attempt to rig her school's Homecoming Queen election. Carroll worked as an assistant principal at Bellview Elementary School in the Escambia County School District in Cantonment, Fla. - the same district where her daughter attended Tate High School. READ MORE...
Microsoft has shed some light on the root cause behind yesterday's massive Azure authentication outage that affected multiple Microsoft services and blocked users from logging into their accounts. Customers experienced authentication errors across many Microsoft services, including Microsoft 365, Microsoft Teams, Exchange Online, Forms, Xbox Live, Intune, Outlook.com, Office Web, SharePoint Online, OneDrive for Business, Yammer, and more. READ MORE...
A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite. New package added to Azure SDK releases page. This month security researcher Alex Birsan demonstrated how anyone could add their own package to the list of official Azure SDK Latest Releases. READ MORE...
Four years after being used in one of the most powerful distributed denial-of-service attacks on record, the so-called Mirai malware continues to haunt the internet. Researchers on Monday evening revealed that attackers used a new variant of the malicious software in a string of ongoing hacking attempts against devices like routers and switches. The attackers are using no less than eight flaws in popular networking gear to try to remotely commandeer the devices. READ MORE...
Magecart attackers have found a new way to hide their nefarious online activity by saving data they've skimmed from credit cards online in a .JPG file on a website they've injected with malicious code. Researchers at website security firm Sucuri discovered the elusive tactic recently during an investigation into a compromised website using the open-source e-commerce platform Magento 2, Luke Leal from Sucuri's malware research team said in a report posted online last week. READ MORE...
An alert issued on Tuesday by the FBI warns about an increase in PYSA ransomware attacks on education institutions in the United States and the United Kingdom. Last year, authorities in the UK and France also issued alerts for the PYSA ransomware, following attacks on government and other types of organizations. According to the FBI, PYSA attacks have been launched by "unidentified cyber actors" against higher education, K-12 schools and seminaries in a dozen U.S. states, as well as the U.K. READ MORE...