Three federal agencies said Wednesday that North Korean hackers have been attacking the health care sector with ransomware, and cautioned victims that paying up could run afoul of U.S. sanctions rules. The FBI, the Department of Homeland Security's Cybersecurity an Infrastructure Security Agency and the Treasury Department said in an alert that the hackers were using a kind of ransomware dubbed "Maui" to go after health care and public health organizations. READ MORE...
A misconfigured Amazon S3 bucket resulted in 3TB of airport data (more than 1.5 million files) being publicly accessible, open, and without an authentication requirement for access, highlighting the dangers of unsecured cloud infrastructure within the travel sector. The exposed information, uncovered by Skyhigh Security, includes employee personal identification information (PII) and other sensitive company data affecting at least four airports in Colombia and Peru. READ MORE...
Russian intelligence has been using state-controlled media and other disinformation channels to disseminate propaganda designed to divide the Western coalition supporting Ukraine, according to a report the cybersecurity firm Recorded Future released Thursday. Much of the open-source propaganda Recorded Future found closely aligns with what the firm refers to as an "unverified analytical note" from the Fifth Service of Russia's Federal Security Service (FSB). READ MORE...
SHI International, a New Jersey-based provider of Information Technology (IT) products and services, has confirmed that a malware attack hit its network over the weekend. SHI claims to be one of North America's largest IT solutions providers, with $12.3 billion in revenue in 2021 and 5,000 employees around the world in operations centers in the U.S., the United Kingdom, and the Netherlands. READ MORE...
The group behind Hive ransomware completed a full code migration and overhaul to use a more complex encryption method for its ransomware as a service payload, researchers from Microsoft Threat Intelligence Center found. Microsoft describes Hive, which was first observed in June 2021, as one of the most prevalent ransomware payloads and one of the fastest evolving ransomware families. READ MORE...
Researchers at ReversingLabs have uncovered evidence of a widespread software supply chain attack through malicious JavaScript packages picked up via NPM. NPM was acquired by Microsoft-owned GitHub in 2020 and has suffered from the odd issue or two over the years (from authorization problems in 2021 to credential problems this year). The latest problem stems from typo-squatting, where an attacker offers up malicious packages with names similar to (or easy misspellings of) real packages. READ MORE...
The popular protocol for radio controlled (RC) aircraft called ExpressLRS can be hacked in only a few steps, according to a bulletin published last week. ExpressLRS is an open-source long range radio link for RC applications, such as first-person view (FPV) drones. "Designed to be the best FPV Racing link," wrote its authors on Github. According to the report the hack utilizes "a highly optimized over-the-air packet structure, giving simultaneous range and latency advantages." READ MORE...
The National Institute of Standards and Technology has selected four candidates to form the basis of future data-protection technologies to resist attack by quantum computers, the US science agency said on July 5. NIST has also advanced four other candidates for additional scrutiny and has called for more proposals for digital signature algorithms by the end of summer. READ MORE...
Just over a week ago, the newswires were abuzz with news of a potentially serious bug in the widely-used cryptographic library OpenSSL. Some headlines went as far as describing the bug as a possibly "worse-than-Heartbleed flaw", which was dramatic language indeed. Heartbleed, as you may remember, was a high-profile data leakage bug that lurked unnoticed in OpenSSL for several years before being outed in a flurry of publicity back in 2014: READ MORE...