The Russian state hackers who orchestrated the SolarWinds supply chain attack last year exploited an iOS zero-day as part of a separate malicious email campaign aimed at stealing Web authentication credentials from Western European governments, according to Google and Microsoft. In a post Google published on Wednesday, researchers said a "likely Russian government-backed actor" exploited the then-unknown vulnerability by sending messages to government officials over LinkedIn.
Hackers gained access to the Social Security numbers of more than two dozen people during a ransomware attack that forced the city of Tulsa to shut down parts of its computer network for months, officials said. The hackers got Social Security numbers for 27 people in the cyberattack Tulsa detected May 6, Michael Dellinger, the city's chief information officer, said Tuesday.
Have you noticed that lately we've been hearing more about in-the-wild attacks exploiting 0-day vulnerabilities? "Halfway into 2021, there have been 33 0-day exploits used in attacks that have been publicly disclosed this year - 11 more than the total number from 2020," researchers with Google's Threat Analysis Group (TAG) have pointed out in a recent blog post. Does this mean that threat actors are leveraging more 0-day exploits than ever? Or that researchers and threat analysts are getting better at detecting these attacks?
Lenovo this week published information on three vulnerabilities that impact the BIOS of two of its desktop products and approximately 60 laptop and notebook models. Tracked as CVE-2021-3452 and affecting tens of ThinkPad models, the first of the bugs impacts the system shutdown SMI callback function and could be abused by a local attacker that already has elevated privileges on the device to execute arbitrary code.
The Trickbot trojan is in resurgence mode, with its operators filling out infrastructure globally and releasing an updated version of its "vncDll" module, used for monitoring and intelligence gathering, researchers said. According to an analysis this week from Bitdefender, there has been "a significant increase in [Trickbot] command-and-control (C2) centers deployed around the world," in the wake of an October takedown by Microsoft and partners.