Fifteen National Football League (NFL) teams, including this year’s Super Bowl contenders the San Francisco 49ers and Kansas City Chiefs, have had their social media accounts hacked. To add insult to injury, the NFL’s official account on Twitter was also hijacked, which isn’t the first time this has happened. A hacker collective that calls itself OurMine has claimed responsibility for the incidents.
The FBI Cyber Division issued a flash security alert earlier this month with additional indicators of compromise from recent defacement attacks carried out by Iranian threat actors and information on the attackers' TTPs to help administrators and users protect their websites. The Cybersecurity and Information Security Agency (CISA) also published a reminder on the same day with cybersecurity best practices for safeguarding websites from cyberattacks that could lead to defacement or data breaches.
Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.
A new ransomware called Ragnarok has been detected in targeted attacks against unpatched Citrix ADC servers vulnerable to CVE-2019-19781. Last week, FireEye released a report about new attacks exploiting the now-patched Citrix ADC vulnerability to install the new Ragnarok ransomware on vulnerable networks. When attackers compromise a Citrix ADC device, various scripts are downloaded and executed that scan for Windows computers vulnerable to the EternalBlue vulnerability.
The LoRaWAN protocol has become standard in the world of industrial IoT because of its support for low-power wireless devices over long distances and its end-to-end encryption technology. However, bad implementations and security flaws make the protocol a real blind spot in the fraught world of IoT security, as LoRaWAN is easily susceptible to threats that could cause widespread disruption and even destruction if it’s not implemented correctly, IOActive researchers have found.
A previously undisclosed and now-patched vulnerability in the Zoom conferencing platform could have let attackers drop into active meetings by generating and verifying Zoom IDs. Zoom users know the platform's unique meeting IDs are made up of 9, 10, or 11-digit numbers. If hosts don't require a conference password or enable the Waiting Room feature, the Zoom ID is the only factor protecting meetings from unauthorized attendees.
Every time it looks as if Mozilla is getting on top of the problem of malicious or risky extensions, it finds itself having to step in to block another batch. In the latest action, noticed by a ZDNet reporter, Mozilla banned 197 extensions, 129 of which were published by one B2B software developer, 2Ring. The nature of the banned extensions is difficult to determine. However, 2Ring’s products appear to be designed for organisations using Cisco telephony and other software products.