
IT Security Newsletter - 6/9/2023

Top News

Barracuda Urges Replacing - Not Patching - Its Email Security Gateways

It's not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware - as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes. READ MORE...

Breaches

City of Dallas Still Clawing Back Weeks After Cyber Incident

A month after the city of Dallas experienced a ransomware attack that took down major city services, city officials have announced that they have made significant progress, but there is still a substantial amount of work left to be done. The Royal ransomware attack on May 3 affected services such as 311 (for non-emergency services), public libraries, animal shelters, safety departments, and online payment systems, though the Dallas IT team has now restored 90% of the network, it said. READ MORE...

Hacking

North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft

Blockchain analytics firm Elliptic believes that the North Korean advanced persistent threat (APT) actor known as Lazarus Group is responsible for the recent theft of cryptocurrency from Atomic Wallet. A decentralized cryptocurrency wallet service with roughly five million users, Atomic is available on all major operating systems, including Windows, macOS, Linux, Android, and iOS. READ MORE...


SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Cybersecurity firm Obsidian has observed a successful ransomware attack against Sharepoint Online (Microsoft 365) via a Microsoft Global SaaS admin account rather than the more usual route of a compromised endpoint. The attack was analyzed post-compromise when the victim employed the Obsidian product and research team to determine the finer points of the attack. In its blog account of the incident, Obsidian did not disclose the victim, but believes the attacker was the group known as 0mega. READ MORE...

Malware

Asylum Ambuscade: crimeware or cyberespionage?

Asylum Ambuscade is a cybercrime group that has been performing cyberespionage operations on the side. They were first publicly outed in March 2022 by Proofpoint researchers after the group targeted European government staff involved in helping Ukrainian refugees, just a few weeks after the start of the Russia-Ukraine war. In this blogpost, we provide details about the early 2022 espionage campaign and about multiple cybercrime campaigns in 2022 and 2023. READ MORE...


BlackCat ransomware fails to extort Australian commercial law giant

Australian law firm HWL Ebsworth confirmed to local media outlets that its network was hacked after the ALPHV ransomware gang began leaking data they claim was stolen from the company. HWL Ebsworth is one of Australia's largest law firms, with an annual revenue of hundreds of millions of dollars, employing over 2,000 people and operating nine offices nationwide. READ MORE...

Information Security

The Growing Cyber Threats of Generative AI: Who's Accountable?

Consider a sudden increase in sophisticated malware attacks, advanced persistent threats (APTs), and organizational data breaches. Upon investigation, it is discovered that these attacks are crafted by cybercriminals who have been empowered with generative AI. Who should be held accountable? The cybercriminals themselves? The generative AI bots? The organizations that created these bots? Or perhaps the government that lacks regulation and accountability? READ MORE...

Exploits/Vulnerabilities

Robot can rip the data out of RAM chips with chilling technology

Cold boot attacks, in which memory chips can be chilled and data including encryption keys plundered, were demonstrated way back in 2008 - but they just got automated. That original type of attack has been improved and automated in the form of a memory-pilfering machine that can be yours for around $2,000, with a bit of self-guided electrical fiddling. READ MORE...


PoC released for Windows Win32k bug exploited in attacks

Researchers have released a proof-of-concept (PoC) exploit for an actively exploited Windows local privilege escalation vulnerability fixed as part of the May 2023 Patch Tuesday. The Win32k subsystem (Win32k.sys kernel driver) manages the operating system's window manager, screen output, input, and graphics, and acts as an interface between various types of input hardware. READ MORE...

On This Date

  • ...in 1915, Lester Polsfuss AKA Les Paul, the pioneering guitarist and engineer who designed one of the earliest solid-body electric guitars, is born in Waukesha, WI.
  • ...in 1934, Donald Duck makes his onscreen debut in the Disney short "The Wise Little Hen".
  • ...in 1964, the Central Intelligence Agency (CIA) submits a memo that effectively challenges the "domino theory" backbone of the Johnson administration's policies.
  • ...in 1973, Secretariat wins the coveted Triple Crown.