State-sponsored threat actors from Russia have stolen unclassified but sensitive data on US weapons development and specific technologies used by the US military and government as part of a broader and ongoing cyber espionage campaign going back to at least January 2020. The campaign's victims have included big and small private companies and contractors that have obtained security clearance to do work for the US Department of Defense and the intelligence community.
Five major Canadian banks went offline for hours yesterday, blocking access to online and mobile banking as well as e-Transfers for many customers. The banks hit by the outage include Royal Bank of Canada (RBC), BMO (Bank of Montreal), Scotiabank, TD Bank Canada, and the Canadian Imperial Bank of Commerce (CIBC).
A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the stolen ICRC data also was used to register multiple domain names the FBI says are tied to a sprawling media influence operation originating from Iran.
Mozilla is warning website developers that the upcoming Firefox 100 and Chrome 100 versions may break websites when parsing user-agent strings containing three-digit version numbers. A user-agent is a string used by a web browser that includes information about the software, such as the browser name, its version number, and the various technologies it uses.
Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found. In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user's computer, according to a report published Thursday.
Cisco this week informed customers that its Email Security Appliance (ESA) product is affected by a high-severity denial of service (DoS) vulnerability that can be exploited using specially crafted emails. The flaw, tracked as CVE-2022-20653, affects the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for ESA. It can be exploited remotely without authentication.
JFrog's security researchers on Tuesday published full technical details on a high-severity remote code execution vulnerability addressed in the latest version of Apache Cassandra. A distributed NoSQL database that offers high scalability, Cassandra is popular among organizations such as Netflix, Reddit, Twitter, Cisco, Constant Contact, Digg, Urban Airship, OpenX, and more, as well as among cloud-native and DevOps development circles.