US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year's widespread Microsoft Exchange hacking campaign. These early 2021 cyberattacks targeted over a quarter of a million Microsoft Exchange servers, belonging to tens of thousands of organizations worldwide. The Biden administration attributes "with a high degree of confidence that malicious cyber actors affiliated with PRC's MSS conducted cyber espionage operations." READ MORE...
Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. The Saudi Arabian Oil Company, better known as Saudi Aramco, is one of the largest public petroleum and natural gas companies in the world. The oil giant employs over 66,000 employees and brings in almost $230 billion in annual revenue. The threat actors are offering Saudi Aramco's data starting at a negotiable price of $5 million. READ MORE...
D-Link has issued a firmware hotfix to address multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Following successful exploitation, they can let attackers execute arbitrary code on unpatched routers, gain access to sensitive information or crash the routers after triggering a denial of service state. The DIR-3040 security flaws discovered and reported by Cisco Talos security researcher Dave McDaniel include hardcoded passwords, command injection, and information disclosure bugs. READ MORE...
For the first time, researchers have publicly spotted a Linux encryptor used by the HelloKitty ransomware gang: the outfit behind the February attack on videogame developer CD Projekt Red. On Wednesday, MalwareHunterTeam disclosed its discovery of numerous Linux ELF-64 versions of the HelloKitty ransomware targeting VMware ESXi servers and virtual machines (VMs) running on them. READ MORE...
Security researchers have designed a new way to detect brand impersonation using Siamese Neural Networks, which can learn and make predictions based on smaller amounts of data. These attacks, in which adversaries craft content to mimic known brands and trick victims into sharing information, have grown harder to detect as technology and techniques improve, says Justin Grana, applied researcher at Microsoft. READ MORE...
An international team of computer scientists reported on Friday that they found four cryptographic vulnerabilities in the popular encrypted message app Telegram. The weaknesses range "from technically trivial and easy to exploit to more advanced and of theoretical interest," according to the security analysis. But ultimately they prove that the four key issues "could be done better, more securely and in a more trustworthy manner with a standard approach to cryptography," said ETH Zurich Professor Kenny Paterson. READ MORE...
A critical remote code-execution vulnerability in Juniper Networks' Steel-Belted Radius (SBR) Carrier Edition lays open wireless carrier and fixed operator networks to tampering. The SBR Carrier server is used by telecom carriers to manage policies for how subscribers access their networks - by centralizing user authentication, delivering the appropriate level of access and ensuring compliance with security policies. READ MORE...