Today, security company Mandiant issued a report tracking the growth of a ransomware attack group it calls FIN12. The company said the group is one of the most aggressive ransomware attackers ever seen, making up a fifth of all the cases it has handled since September 2020. FIN12 is also shifting its techniques and targets as it evolves. FIN12 hits big targets with average annual revenues of $6 billion, said Mandiant.
The official Facebook page of the US Navy's destroyer-class warship, USS Kidd, has been hijacked. According to Task & Purpose, who first reported on the incident, the account has done nothing but stream Age of Empires, an award-winning, history-based real-time strategy (RTS) video game wherein players get to grow civilizations by progressing them from one historical time frame to another.
BrewDog, the Scottish brewery and pub chain famous for its crowd-ownership model and its tasty IPAs, has irreversibly exposed the details of 200,000 of its shareholders and customers. The exposure lasted for over 18 months and the point of the leak was the firm's mobile app, which gives the 'Equity Punks' community access to information, discounts at bars, and more. As detailed in a PenTestPartners report, the problem lies in the app's API, and more specifically, its token-based authentication system.
Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. The campaign was detected in late September and accounts for a larger than usual batch of Government-Backed Attack notifications that Google sends to targeted users every month. The campaign from APT28, also known as Fancy Bear, led to a larger number of warnings for Gmail users across various industries.
Russia accounted for most state-sponsored hacking detected by Microsoft over the past year, with a 58% share, mostly targeting government agencies and think tanks in the United States, followed by Ukraine, Britain and European NATO members, the company said. The devastating effectiveness of the long-undetected SolarWinds hack also boosted Russian state-backed hackers' success rate to 32% in the year ending June 30, compared with 21% in the preceding 12 months.
Halloween is not until the end of the month, but there has already been a lot of scary activity leading up to this Patch Tuesday. PrintNightmare and Apple zero-days are just a few that have made the news. It's been over three months since the vulnerabilities were announced, but PrintNightmare continues to be a scary topic of conversation. Microsoft changed the Point and Print feature functionality with their recent updates to require administrator privileges.
The Apache HTTP Server Project on Thursday announced the release of another update in response to a recently discovered zero-day vulnerability after determining that the initial fix was incomplete. The vulnerability, tracked as CVE-2021-41773, can be exploited for path traversal and remote code execution. The flaw impacts Apache HTTP Server 2.4.49 and it has been exploited in attacks, so it's important that organizations install the patches as soon as possible.