The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence (ODNI). "Over the course of the past several days, the FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign," the US intelligence agencies said.
A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a "killswitch" designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.
Researchers from IBM Trusteer say they've uncovered a massive fraud operation that used a network of mobile device emulators to drain millions of dollars from online bank accounts in a matter of days. The scale of the operation was unlike anything the researchers have seen before. In one case, crooks used about 20 emulators to mimic more than 16,000 phones belonging to customers whose mobile bank accounts had been compromised.
Trend Micro informed customers this week that an update for its InterScan Web Security Virtual Appliance (IWSVA) patches several potentially serious vulnerabilities, including ones that can be exploited to remotely take control of the appliance. The vulnerabilities were discovered by Wolfgang Ettlinger, a researcher at Austria-based cybersecurity consultancy SEC Consult, and they were reported to Trend Micro in the summer of 2019.
The Federal Bureau of Investigation has released a Private Industry Notification to warn of DoppelPaymer ransomware attacks on critical infrastructure. DoppelPaymer emerged as a forked version of BitPaymer (also known as FriedEx), both believed to be the work of TA505, the threat actor best known for the infamous Dridex Trojan and Locky ransomware families.
Malicious Chrome and Edge browser extensions with over 3 million installs, most of them still available on the Chrome Web Store and the Microsoft Edge Add-ons portal, are capable of stealing users' info and redirecting them to phishing sites. The malware-laced extensions found by Avast Threat Intelligence researchers are designed to look like helper add-ons for Instagram, Facebook, Vimeo, and other high-profile online platforms.
Christmas is coming, and so are the smart toys. The ever-present pandemic has meant a lot more staying at home this year. Videogame playing has increased considerably, because why not? Screentime for kids has gone up, because again, it's bound to. It hasn't brought about the end of civilisation and the kids are still alright. Here's how to keep smart toy security top of your Christmas list, and keep your kids safe from harm.
Google has been having a rough time this week with service outages. It has now had two days, maybe even three days depending on who you ask, of major downtime. On Monday, Google's authentication system went down for about an hour, taking down Gmail, YouTube, Google Maps, Google Docs, and most other Google services. Google blamed the outage on "an internal storage quota issue," which sounds a lot like Google ran out of storage space.
Hewlett Packard Enterprise (HPE) has disclosed a zero-day bug in the latest versions of its proprietary HPE Systems Insight Manager (SIM) software for Windows and Linux. While security updates are not yet available for this remote code execution (RCE) vulnerability, HPE has provided Windows mitigation info and is working on addressing the zero-day. Zero-days are publicly disclosed vulnerabilities not yet patched by the vendor which, in some cases, are also actively exploited in the wild.