Hackers who hit SolarWinds compromised a think tank three separate times. The hackers behind the supply chain attack that compromised public and private organizations have devised a clever way to bypass multi-factor-authentication systems protecting the networks they target. Researchers from security firm Volexity said on Monday that they had encountered the same attackers in late 2019 and early 2020 as they penetrated deep inside of a think tank organization no fewer than three times.
They say buying a house is one of the most stressful things that you might experience in your life (along with getting divorced, or dealing with the death of a loved one). So you probably don't want ransomware throwing a spanner in the works if you're planning a house move. Two months ago I described how Hackney Council in London had fallen foul of a "serious cyber attack" that had impacted the services it was able to provide residents. The attack left the council unable to pay housing benefit.
Researchers are warning of a coordinated phishing attack that targeted "numerous" enterprise organizations last week. The attackers leveraged hundreds of compromised, legitimate email accounts to send the targeted organizations emails that pretended to be document delivery notifications. In reality, the phishing attack stole victims' Office 365 credentials. "The widespread use of hundreds of compromised accounts and never-seen-before URLs indicate the campaign is [...]."
Researchers have discovered a new information-stealing trojan, which targets Microsoft Windows systems with an onslaught of data-exfiltration capabilities, from collecting browser credentials to targeting Outlook files. The trojan, called PyMicropsia (due to it being built with Python), has been developed by threat group AridViper, which is known for targeting organizations in the Middle East, researchers said. "AridViper is an active threat group that continues developing new tools as part of their arsenal,"
A persistent malware campaign called Adrozek has been using an evolved browser modifier to deliver fraudulent ads to search-engine pages, according to Microsoft. At its peak in August, Adrozek was observed on more than 30,000 devices each day, researchers found, affecting multiple browsers. The Adrozek family of malware changes browser settings to allow it to insert fake ads over legitimate ones, which earns the scammers affiliate advertising dollars for each user they can trick into clicking.
Both business and security leaders are allowing massive insider risk problems to fester in the aftermath of the significant shift to remote work in the past year, according to a Code42 report. During that same time, 76% of IT security leaders said that their organizations have experienced one or more data breaches involving the loss of sensitive files and 59% said insider threat will increase in the next two years primarily due to users having access to files they shouldn't.
PayPal is one of the key players in the field of online payment providers, operating as a payment processor for popular online marketplaces, auction websites, as well as other commercial sellers. Popular brands such as Microsoft, Google Play, PlayStation Store, and Ikea are among the vendors that offer payment through the platform. With 361 million active registered users, who make around 40 payment transactions per active account over a 12-month period, it's also hugely popular.
A vast majority of operational technology (OT) devices affected by the Urgent/11 vulnerabilities and many devices impacted by the CDPwn flaws remain unpatched, IoT security firm Armis reported on Tuesday. According to the company, 97% of industrial devices affected by the Urgent/11 vulnerabilities have not been patched. As for the CDPwn bugs, 80% of impacted devices are still vulnerable to attacks. Armis told SecurityWeek that this is based on data from the company's Device Knowledgebase.
As two people for whom creating phishing emails constitutes legitimate employment (we are on the product team behind the Sophos Phish Threat phishing simulation service) we know we're in the minority. Like our not-so-lawful counterparts, we spend our days using social engineering techniques to trick people into opening malicious messages and clicking on links they ought to leave alone. Understanding the attackers' approach helps you spot a phishing email when it hits your inbox.
France's CNIL data privacy watchdog slapped 135 million euros in fines on US tech titans Google and Amazon for placing advertising cookies on users' computers without consent. The 100-million-euro fine against Google is the largest sanction the regulator has ever imposed, which it justified by the fact 90 percent of French internet users use the firm's search engine. CNIL said the fines were "for having placed advertising cookies on the computers of users ... without obtaining prior consent."