As the world is beset by Log4Shell, arguably the most severe vulnerability ever, one of the biggest human resources solutions providers is reporting a ransomware attack that has taken its systems offline, possibly for the next several weeks. So far, the company isn't saying if that critical vulnerability was the means hackers used to breach the systems. The company said on Sunday that services using the Kronos Private Cloud had been unavailable for the past day.
The information technology agency that serves Virginia's legislature has been hit by a ransomware attack that has substantially affected its operations, state officials said Monday. Gov. Ralph Northam's spokeswoman, Alena Yarmosky, confirmed the attack on Virginia's Division of Legislative Automated Systems. In a brief statement provided to The Associated Press, Yarmosky said the governor had been briefed on the matter and directed executive branch agencies to offer help.
Attackers targeting telcos across the Middle East and Asia for the past six months are linked to Iranian state-sponsored hackers, according to researchers. The cyberespionage campaigns use a potent cocktail of spear phishing, known malware and legitimate network utilities to steal data and potentially disrupt supply chains. Researchers outlined their findings on Tuesday in a report that says attacks are targeting a number of IT services organizations and a utility company.
Three malicious packages hosted in the Python Package Index (PyPI) code repository have been uncovered, which collectively have more than 12,000 downloads - and presumably slithered into installations in various applications. Independent researcher Andrew Scott found the packages during a nearly sitewide analysis of the code contained in PyPI, which is a repository of software code created in the Python programming language.
The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland's public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware. It also found affected hospitals had tens of thousands of outdated Windows 7 systems, and that the health system's IT administrators failed to respond to multiple warning signs.
In May 2021, a set of five vulnerabilities in Dell computer drivers collectively tracked as CVE-2021-21551 was disclosed and fixed after it remained exploitable for 12 years. However, Dell's fix wasn't comprehensive enough to prevent additional exploitation, and as security researchers warn now, it is an excellent candidate for future Bring Your Own Vulnerable Driver (BYOVD) attacks.
Researchers at the University of Darmstadt, Brescia, CNIT, and the Secure Mobile Networking Lab have published a paper that proves it's possible to extract passwords and manipulate traffic on a WiFi chip by targeting a device's Bluetooth component. Modern consumer electronic devices such as smartphones feature SoCs with separate Bluetooth, WiFi, and LTE components, each with its own dedicated security implementation.