IT Security Newsletter - 12/14/2023

Top News

Microsoft seizes infrastructure of top cybercrime group

Microsoft took sweeping action against a cybercrime operation responsible for creating roughly 750 million fraudulent Microsoft accounts and various websites used to enable a bevy of cybercrime activities, the company said Wednesday. The announcement comes nearly a week after Microsoft obtained a court order from the Southern District of New York allowing it to seize U.S.-based infrastructure and websites used by a group the company tracks as Storm-1152. READ MORE...

Breaches

Red Roof claims cybersecurity incident did not involve guest data

Red Roof experienced a cybersecurity incident in September that briefly left its systems offline but did not involve guest data, the hotel company announced Friday. On Sept. 23, Red Roof detected "suspicious activity" within its systems that soon appeared to be ransomware based on several factors, including the encryption of a limited subset of Red Roof data, the company said. READ MORE...

Hacking

Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users

The offensive cyber unit linked to Russia's Foreign Intelligence Service (SVR) is exploiting the critical vulnerability affecting the JetBrains TeamCity CI/CD server at scale, and has been since September, authorities warn. The news came in an advisory issued by multiple American and European agencies. Announced in late September, the vulnerability, tracked as CVE-2023-42793 with a 9.8 severity score, can be seen as analogous to the one that facilitated the 2020 attack on SolarWinds. READ MORE...


Google Forms Used in Call-Back Phishing Scam

Researchers at Abnormal have discovered the latest evolution in call-back phishing campaigns. Traditional phishing emails might contain a malicious link or attachment, and lure recipients into clicking on them via social engineering techniques. Call-back phishing dupes unsuspecting victims into telephoning a fraudulent call centre, where they will speak to an actual human being - who will then trick them into downloading and running malware, providing malicious hackers with remote access to their PC. READ MORE...

Software Updates

Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products

Dell is urging customers of its PowerProtect products to review a newly released security advisory and patch a series of potentially serious vulnerabilities. The vulnerabilities impact PowerProtect Data Domain (DD) series appliances, which are designed to help organizations protect, manage and recover data at scale. APEX Protect Storage, PowerProtect DD Management Center, PowerProtect DP series appliances, and PowerProtect Data Manager appliances are also affected. READ MORE...

Malware

French police arrests Russian suspect linked to Hive ransomware

French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments. "New arrest in the Hive ransomware affair: after the international search in January to dismantle this network of hackers constituting a serious threat, the Judicial Police arrested in Paris an individual suspected of having laundered money from these cyber attacks," the French National Police said (automated translation). READ MORE...


Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet

Malware hunters in the United States have set eyes on an impossible to kill botnet packed with end-of-life SOHO routers serving as a covert data transfer network for Volt Typhoon, a Chinese government-backed hacking group previously caught targeting US critical infrastructure. The discovery of the botnet, which is packed with outdated Cisco, Netgear and Fortinet devices, adds a new twist to the scramble to mitigate the damage from Volt Typhoon infections. READ MORE...

Information Security

The Unlikely Romance of Hackers and Government Suitors

Each spring, the annual Hack the Capitol event brings together a diverse group of scientists, hackers, and policymakers to educate congressional staffers, scholars, and the press about the most critical cybersecurity challenges facing our nation. Hack the Capitol has steadily grown in size and stature by raising awareness about the value of governments and businesses partnering with hackers to solve complex security problems. READ MORE...

Exploits/Vulnerabilities

Hackers are exploiting critical Apache Struts flaw using public PoC

Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. It appears that threat actors have just started, according to the Shadowserver scanning platform, whose researchers observed a small number of IP addresses engaged in exploitation attempts. READ MORE...


Attackers Target Microsoft Accounts to Weaponize OAuth Apps

Threat actors are abusing organizations' weak authentication practices to create and exploit OAuth applications, often for financial gain, in a string of attacks that include various vectors, including cryptomining, phishing, and password spraying. OAuth is an open authentication standard increasingly being adopted for cross-platform access; users would recognize it at play when logging into a website with a prompt to click on a link to log in with another social media account. READ MORE...

Science & Culture

Trains were designed to break down after third-party repairs, hackers find

An unusual right-to-repair drama is disrupting railroad travel in Poland despite efforts by hackers who helped repair trains that allegedly were designed to stop functioning when serviced by anyone but Newag, the train manufacturer. Members of an ethical hacking group called Dragon Sector, including Sergiusz Bazanski and Michal Kowalczyk, were called upon by a train repair shop, Serwis Pojazdów Szynowych (SPS), to analyze train software in June 2022. READ MORE...

On This Date

  • ...in 1900, Max Planck presents his quantum theory at the Physics Society in Berlin.
  • ...in 1940, Plutonium-238 is isolated by chemist Glenn Seaborg at the Lawrence Radiation Laboratory at UC Berkeley.
  • ...in 1960, a US Boeing B-52 bomber sets the record for a non-stop flight, going 10,000 miles without refueling.
  • ...in 2004, the Millau Viaduct, the world's tallest bridge, officially opens for traffic near Millau, France.