
IT Security Newsletter - 5/29/2020


Top News

Russian hackers are exploiting bug that gives control of US servers

A Russian hacking group tied to power-grid attacks in Ukraine, the world's most destructive data wiper worm, and other nefarious Kremlin operations is exploiting a vulnerability that allows it to take control of computers operated by the US government and its partners. In an advisory published on Thursday, the US National Security Agency said that the Sandworm group was actively exploiting a vulnerability in Exim, an open source mail transfer agent, or MTA, for Unix-based operating systems.

Breaches

Cisco security breach hits corporate servers that ran unpatched software

Six servers Cisco uses to provide a virtual networking service were compromised by hackers who exploited critical flaws contained in unpatched versions of the open source software the service relies on, the company disclosed on Thursday. The May 7 compromise hit six Cisco servers that provide backend connectivity to the Virtual Internet Routing Lab Personal Edition (VIRL-PE), a Cisco service that lets customers design and test network topologies without having to deploy actual equipment.


Michigan State University network breached in ransomware attack

Michigan State University received a deadline to pay ransomware attackers under the threat that files stolen from the institution's network will be leaked to the public. The demand is from Netwalker ransomware-as-a-service (RaaS) operators, a group that recently started to recruit skilled network intruders for their affiliate program. A countdown timer on the attacker's website shows that the university has about six days to comply or "secret data" will become public.

Hacking

Microsoft IIS servers hacked by Blue Mockingbird to mine Monero

This month news broke about a hacker group, namely Blue Mockingbird, exploiting a critical vulnerability in Microsoft IIS servers to plant Monero (XMR) cryptocurrency miners on compromised machines. According to the security firm Red Canary, the estimated number of infections is thought to have surpassed 1,000. While originally published in December 2019, the flaw continues to be exploited even today despite patches and fixes having been made available.


Israeli official confirms attempted cyberattack on water systems

Israel last month thwarted a cyberattack on control systems at water facilities, a senior government official said Thursday while warning of the dangers of escalating conflicts in cyberspace. The "synchronized and organized attack" on civilian infrastructure was aimed at disrupting the industrial computers that underpin Israeli water facilities, said Yigal Unna, head of Israel's National Cyber Directorate.


Researchers Unmask Brazilian Hacker Who Attacked Thousands of Websites

Researchers at cybersecurity company Check Point said on Thursday that they have found the real identity of VandaTheGod, a Brazilian hacker involved in both hacktivist operations and financially-motivated cybercrimes. Check Point told SecurityWeek that it informed law enforcement about its findings in October 2019, but the hacker continued to be active up until May 2020.

Malware

PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time

A Java-based ransomware known as PonyFinal has galloped onto the scene, targeting enterprise systems management servers as an initial infection vector. According to a warning on Twitter from Microsoft Security Intelligence on Wednesday, PonyFinal is not an automated threat, but rather has humans pulling the reins. It exfiltrates information about infected environments, spreads laterally and then waits before striking.

Information Security

ACLU Sues Clearview AI Over Faceprint Collection, Sale

The American Civil Liberties Union (ACLU) has sued a New York-based startup for amassing a database of biometric face-identification data of billions of people and selling it to third parties without their consent or knowledge. The U.S. citizens'-rights watchdog organization has filed suit in the Circuit Court of Cook County in Illinois against Clearview AI, on behalf of a number of organizations comprised of vulnerable communities.

On This Date

  • ...in 1848, Wisconsin becomes the 30th state.
  • ...in 1913, Igor Stravinsky's score for "The Rite of Spring" has its debut performance in Paris. It provoked a riot that broke out inside the theatre.
  • ...in 1953, Sir Edmund Hillary and Tenzing Norgay become the first individuals to reach the top of Mount Everest.
  • ...in 1999, the Space Shuttle Discovery executes the first-ever docking maneuver with the International Space Station.