Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they will not pursue charges following revelations that the data had been exposed since 2011 - two years after responsibility for securing the state's IT systems was centralized within Parson's own Office of Administration. READ MORE...
Seattle, Washington-based logistics giant Expeditors International on Sunday announced the disruption of its global systems as a result of a cyberattack. The Fortune 500 company said it had shut down most of its operating systems, and in an update shared on Monday informed customers that its operations had still been impacted. The company described it as a "targeted cyberattack," but shared no other details. Based on its brief description of the incident, it may have been a ransomware attack. READ MORE...
Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict, according to a new report from Accenture. Since mid-January, cybercriminals have started to advertise compromised assets relevant to the Russia-Ukraine conflict, and they are expected to increase their offering of databases and network access, with potentially crippling effects for the targeted organizations. READ MORE...
Analysis of the recently-emerged Entropy ransomware reveals code-level similarities with the general purpose Dridex malware that started as a banking trojan. Two Entropy ransomware attacks against different organizations allowed researchers to connect the dots and establish a connection between the two pieces of malware. In a report today, Sophos principal researcher Andrew Brandt says that deeper inspection of the Entropy malware was prompted by a detection signature that had been created for catching Dridex. READ MORE...
Owners of Asustor NAS drives have woken up to discover that data they believed was safe and sound on their network storage devices has instead been encrypted by ransomware, and that cybercriminals are demanding a ransom. Affected Asustor users have been posting on Asustor's support forum about how they discovered their NAS drives have been hit by the DeadBolt ransomware. READ MORE...
The number of cyberattacks launched against mobile users was down last year, researchers have found - but don't pop the champagne just yet. The decline was offset by jacked-up, more sophisticated, more nimble mobile nastiness. In a Monday report, Kaspersky said that its researchers have observed a downward trend in the number of attacks on mobile users, as shown in the chart below. However, attacks are becoming more sophisticated in terms of both malware functionality and vectors. READ MORE...
The United States Cybersecurity and Infrastructure Security Agency (CISA) this week expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution. Tracked as CVE-2022-23131 and CVE-2022-23134, the two vulnerabilities could be exploited to bypass authentication and gain administrator privileges, which could then allow an attacker to execute arbitrary commands. READ MORE...
Threat analysts have observed a new wave of attacks installing Cobalt Strike beacons on vulnerable Microsoft SQL Servers, leading to deeper infiltration and subsequent malware infections. MS-SQL Server is a popular database management system powering large internet applications to small single-system applets. However, many of these deployments aren't adequately secured as they are publicly exposed to the Internet with weak passwords. READ MORE...
Academics at Tel Aviv University in Israel have found that recent Android-based Samsung phones shipped with design flaws that allow the extraction of secret cryptographic keys. The researchers - Alon Shakevsky, Eyal Ronen, and Avishai Wool - describe their work in a paper titled, "Trust Dies in Darkness: Shedding Light on Samsung's TrustZone Keymaster Design," which is scheduled for presentation at Real World Crypto and USENIX Security, 2022. READ MORE...