A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia. For at least a decade, the hacking group known as Naikon has actively spied on organizations in countries around the South China Sea, including the Philippines, Malaysia, Indonesia, Singapore, and Thailand, for at least a decade, since 2010. READ MORE...
Ransomware hacking groups are getting greedier. The average demand for a digital extortion payment shot up in the first quarter of this year to $220,298, up 43% from the previous quarter, according to a quarterly report from Coveware, a ransomware response firm. The median payment, too, jumped up 58% from from $49,450 to $78,398. The majority of ransomware attacks in the first quarter also involved theft of corporate data, a continuation of a trend of ransomware actors increasingly relying on exfiltration and extortion demands. READ MORE...
Microsoft Edge will automatically redirect users to a secure HTTPS connection when visiting websites using the HTTP protocol, starting with version 92, coming in late July. By default, this new option will allow Edge users to switch from HTTP to HTTPS on websites that are likely to support the more secure protocol. However, users will also be able to configure the browser to upgrade all connections to HTTPS as the default internet communication protocol for all domains. READ MORE...
Millions of email addresses collected by Emotet botnet for malware distribution campaigns have been shared by the Federal Bureau of Investigation (FBI) as part of the agency's effort to clean infected computers. Individuals and domain owners can now learn if Emotet impacted their accounts by searching the database with email addresses stolen by the malware. Earlier this year, law enforcement took control of Emotet botnet's infrastructure that involved several hundreds of servers all over the world. READ MORE...
About 900 Internet users in Tumbler Ridge, British Columbia, lost service for 36 hours when beavers chewed through an underground fiber cable in what network operator Telus called a "very bizarre and uniquely Canadian turn of events." The beavers apparently used some of the Telus materials to build their dam. Internet service went down at about 4 am Saturday and was restored by Telus at around 3:30 pm on Sunday. READ MORE...
Power management solutions provider Eaton has released patches for its Intelligent Power Manager (IPM) software to address several potentially serious vulnerabilities, including ones that researchers say could allow hackers to disrupt power supply. Eaton's IPM solution is designed to ensure system uptime and data integrity by allowing organizations to remotely monitor, manage and control the uninterruptible power supply (UPS) devices on their network. READ MORE...
Organizations are increasingly adopting cloud-based services such as Microsoft 365 to host applications and data. Sophisticated threat actors are catching on and Mandiant has observed an increased focus on long-term persistent access to Microsoft 365 as one of their primary objectives. In this blog post we will show how a threat actor, with the right privilege, can extract the encrypted Token Signing Certificate from anywhere on the internal network. READ MORE...
An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices. Specifically, the bug (CVE-2020-28588) exists in the /proc/pid/syscall functionality of 32-bit ARM devices running Linux, according to Cisco Talos, which discovered the vulnerability. It arises from an improper conversion of numeric values when reading the file. READ MORE...