The Vermont Department of Taxes today disclosed that taxpayers' private information was exposed because of a security issue, discovered on July 2, 2020, affecting its online filing site. The data breach affected all Vermonters who electronically filed Property Transfer Tax returns using the tax department's site between February 2017 and July 2020. According to Vermont's Department of Taxes, once it was alerted to the security vulnerability, it immediately disabled access for unauthorized third parties.
Security researchers at Kaspersky have uncovered a new cyber-mercenary group that they claim has been providing hacking services for hire for almost a decade. Dubbed "Deceptikons," the APT group isn't particularly sophisticated from a technical perspective and isn't known to have deployed any zero-day threats during that time, the Russian AV vendor said in a Q2 round-up report.
FireEye security researchers have linked a series of disinformation operations that have been ongoing since at least March 2017. Referred to as Ghostwriter, the influence campaign mainly targeted audiences in Lithuania, Latvia, and Poland with themes referencing the North Atlantic Treaty Organization (NATO) presence in Eastern Europe, often using compromised websites or spoofed email accounts to distribute the fake content.
The Federal Bureau of Investigation this week released an alert to warn businesses of ongoing cyberattacks involving the NetWalker ransomware. NetWalker, also known as Mailto, has become a widely known threat following a series of high-profile attacks in March 2020, such as those targeting a transportation and logistics company in Australia, and a public health organization in the United States.
The U.S. Internal Revenue Service is asking tax professionals to enable additional forms of authentication in software that provides the option as an improved defense against hacker takeover attempts. The agency specifically refers to multi-factor authentication (MFA), which requires at least two supplementary data points besides the username/password combination to check the identity of a user.
A lack of rate limiting on repeated password attempts allowed potential attackers to crack the numeric passcode used to secure Zoom private meetings, as discovered by Tom Anthony, VP Product at SearchPilot. "Zoom meetings are (were) default protected by a 6 digit numeric password, meaning 1 million maximum passwords," Anthony explained. The vulnerability he spotted in the Zoom web client allowed attackers to guess any meeting's password by trying all possible combinations until finding the correct one.
A vulnerability (CVE-2020-10713) in the widely used GRUB2 bootloader opens most Linux and Windows systems in use today to persistent compromise, Eclypsium researchers have found. The list of affected systems includes servers and workstations, laptops and desktops, and possibly a large number of Linux-based OT and IoT systems. What's more, the discovery of this vulnerability has spurred a larger effort to audit the GRUB2 code for flaws.
Critical flaws in Adobe's Magento e-commerce platform - which is commonly targeted by attackers like the Magecart cybergang - could enable arbitrary code execution on affected systems. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. Adobe on Tuesday released security updates for flaws affecting Magento Commerce 2 and Magento Open Source 2, versions 2.3.5-p1 and earlier. These included two critical vulnerabilities and two important-severity flaws.
Remote code-execution vulnerabilities in virtual private network (VPN) products could impact the physical functioning of critical infrastructure in the oil and gas, water and electric utilities space, according to researchers. Researchers at Claroty found that VPNs used to provide remote access to operational technology (OT) networks in industrial systems are vulnerable to an array of security bugs, which could give an attacker direct access to field devices and cause physical damage or shut-downs.