
IT Security Newsletter - 8/10/2023


Top News

How an unpatched Microsoft Exchange 0-day likely caused one of the UK's biggest hacks ever

It's looking more and more likely that a critical zero-day vulnerability that went unfixed for more than a month in Microsoft Exchange was the cause of one of the UK's biggest hacks ever: the breach of the country's Electoral Commission, which exposed data for as many as 40 million residents. Electoral Commission officials disclosed the breach on Tuesday. They said that they discovered the intrusion last October when they found "suspicious activity" on their networks. READ MORE...

Breaches

Microsoft 365 accounts of execs, managers hijacked through EvilProxy

A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at over 100 organizations around the world. As organizations increasingly employ multi-factor authentication (MFA), threat actors have switched to using phishing services such as EvilProxy, which uses reverse proxy and cookie injection methods to steal authentication credentials and session cookies. READ MORE...


Missouri warns that health info was stolen in IBM MOVEit data breach

Missouri's Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered a MOVEit data theft attack. The attack was conducted by the Clop ransomware gang, who began hacking MOVEit Transfer servers on May 27th using a zero-day vulnerability tracked as CVE-2023-34362. These attacks allowed the threat actors to steal data from over 600 companies worldwide. READ MORE...

Hacking

Ukrainian official: Russian hackers change tactics from disruptive attacks

Russian hackers targeting Ukraine have pivoted away from disruptive attacks and are increasingly focusing on collecting data of use to Russian forces on the battlefield, Victor Zhora, a top Ukrainian cybersecurity official, said during a panel appearance at the Black Hat security conference in Las Vegas. Some 15 months since Russian forces invaded Ukraine, Zhora has observed "a shift from disruptive and chaotic attacks to more focused activity, cyber espionage and data collection." READ MORE...


Hackers with links to Pro-Russian groups compromised foreign embassies in Belarus, researchers say

A newly identified cyberespionage group in Belarus is targeting foreign embassies, often with the assistance of local internet service providers, researchers with the cybersecurity firm ESET said Thursday. The group, which has been operating since 2014 and which ESET dubbed MustachedBouncer, has compromised embassy staff from at least two European countries, one from South Asia and one from Africa, as early as 2017, according to research set to be presented this week at the Black Hat security conference in Las Vegas. READ MORE...

Information Security

RedHotel Checks in as Dominant China-Backed Cyberspy Group

An advanced persistent threat (APT) is pulling ahead in a crowded field of China state-sponsored actors as a dominant cyber espionage threat. The RedHotel group has so far gone after governments across 17 countries on three continents, conducting both intelligence-gathering and economic espionage using a significant infrastructure and toolset to back it all up. READ MORE...


Interpol Shuts Down African Cybercrime Group, Seizes $2 Million

A cross-border investigation into West African cybercriminal groups has resulted in 103 arrests and the seizure of more than €2 million (US$2.2 million). The investigation, Operation Jackal, was led by law enforcement agencies across 21 countries on six continents and targeted cybercrime groups such as Nigerian criminal gang "Black Axe," according to a statement from Interpol. READ MORE...

Exploits/Vulnerabilities

Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users' Files

Critical vulnerabilities discovered by IoT and industrial cybersecurity firm Claroty in Western Digital (WD) and Synology network-attached storage (NAS) products could have exposed the files of millions of users. The vulnerabilities and their exploitation were demonstrated at the Zero Day Initiative's Pwn2Own Toronto hacker contest in December 2022, where participants earned a total of nearly $1 million for hacking smartphones, printers, routers, NAS devices, and smart speakers. READ MORE...


CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a zero-day flaw affecting Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities Catalog. The vulnerability, tracked as CVE-2023-38180, was fixed by Microsoft with its August 2023 Patch Tuesday updates, which also address CVE-2023-36884, an Office vulnerability exploited by Russian threat actors. READ MORE...

On This Date

  • ...in 1846, the Smithsonian Institution is chartered by the US Congress.
  • ...in 1909, inventor and manufacturer Leo Fender, the designer of the classic Telecaster and Stratocaster electric guitars, is born in Anaheim, CA.
  • ...in 1950, Billy Wilder's film noir "Sunset Boulevard," starring William Holden and Gloria Swanson, premieres at Radio City Music Hall.
  • ...in 1960, NASA launches Discoverer 13 satellite; it would become the first object ever recovered from orbit.