North American land developer and home builder Brookfield Residential is one of the first victims of the new DarkSide Ransomware. Brookfield Residential is a U.S. and Canada planned community and single-family home builder with $5.7 billion in assets. Brookfield Residential is owned by Brookfield Asset Management, a Canadian asset management company with over $500 billion in assets under their control. The similar names have led to some confusion as to which entity was attacked by the DarkSide ransomware. READ MORE...
Up to 200,000 patient records from Office 365 and Google G Suite exposed by hardcoded credentials and other improper access controls. Developer error caused the leak of 150,000 to 200,000 patient health records stored in productivity apps from Microsoft and Google that were recently found on GitHub. Dutch researcher Jelle Ursem discovered nine separate files of highly sensitive personal health information (PHI) from apps such as Office 365 and Google G Suite from nine separate health organizations. READ MORE...
A phishing attack targeting government and security organizations used a legitimate Box page with Microsoft 365 branding to trick victims. A newly discovered credential phishing campaign used a legitimate Box webpage and exploited widespread trust in Microsoft 365 to capture victims' credentials in a convoluted attack chain. The team at Armorblox discovered this threat back in June and say it affected city officials, as well as government and cybersecurity organizations. READ MORE...
A company involved in billion-dollar real estate deals in New York, London, Australia, and Oman has recently become the target of a cyber-espionage campaign from a set of well-resourced hackers, according to new Bitdefender research published Wednesday. The hackers waged the campaign against the target, an international architectural and video production entity, in a likely effort to collect financial information or negotiation details of competing contracts for a customer, Bitdefender assessed. READ MORE...
Microsoft today announced the launch of Application Guard for Office in public preview to protect enterprise users from threats using malicious attachments as an attack vector. Application Guard for Office (also known as Microsoft Defender Application Guard for Office) is designed to help prevent block files downloaded from untrusted sources from gaining access trusted resources by opening them within an isolated sandbox. This sandbox will automatically block maliciously crafted files from exploiting vulnerabilities. READ MORE...
An advanced hackers-for-hire group has compromised computers of an architecture firm involved in luxury real-estate projects worth billions of US dollars. The group carries out espionage operations, the attack vector being a malicious plugin for the Autodesk 3ds Max software for creating professional 3D computer graphics. According to an investigation from Bitdefender, the unnamed victim is an important company working with luxury real-estate developers in the U.S., the U.K., Australia, and Oman. READ MORE...
A Russian national was arrested in the United States after attempting to convince an employee at a targeted company to deploy a piece of malware. The man, Egor Igorevich Kriuchkov, 27, was arrested on August 22 and appeared in court on Monday. He promised $1 million to the employee and was allegedly planning to flee the United States after being contacted by the FBI. Kriuchkov, a criminal complaint and statements made in court reveal, conspired with others to recruit an employee at an unnamed company in Nevada. READ MORE...
The largest problem facing database security today is the disconnect between security teams and DBAs beginning from the moment of configuration and continuing throughout the database lifecycle. In the recent Meow attacks, more than 1,000 exposed databases on the Web were wiped by unknown actors who deleted entire repositories, leaving only the word "meow" behind. To the average person the deletion of entire databases, and the leaving of a calling card each time. READ MORE...
If you haven't updated Pulse Secure VPN, now would be an excellent time to do so. Organizations that have yet to install the latest version of the Pulse Secure VPN have a good reason to stop dithering-a code-execution vulnerability that allows attackers to take control of networks that use the product. Tracked as CVE-2020-8218, the vulnerability requires an attacker to have administrative rights on the machine running the VPN. Researchers from GoSecure, the firm that discovered the flaw. READ MORE...