A Chinese hacking group simultaneously used six different backdoors against more than a dozen industrial plants, research institutes, government agencies and ministries in Belarus, Russia, Ukraine and Afghanistan, researchers with Kaspersky said Monday. Through carefully crafted phishing emails, the group managed to "penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions," the researchers said. READ MORE...
Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack. "On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said over the weekend. READ MORE...
Popular collaboration tool Slack (not to be confused with the nickname of the world's longest-running Linux distro, Slackware) has just owned up to a long-running cybersecurity SNAFU. According to a news bulletin entitled Notice about Slack password resets, the company admitted that it had inadvertently been oversharing personal data "when users created or revoked a shared invitation link for their workspace." READ MORE...
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, and the third attack took place two weeks later. Each ransomware gang left its own ransom demand, and some of the files were triple encrypted. "It's bad enough to get one ransomware note, let alone three," said John Shier, senior security advisor at Sophos. READ MORE...
Open redirect vulnerabilities affecting American Express and Snapchat websites were exploited earlier this year as part of phishing campaigns targeting Microsoft 365 users, email security firm Inky reports. Open redirect flaws exist because the impacted website does not validate user input, which allows threat actors to manipulate URLs to redirect users to malicious sites. Because the manipulated link contains a legitimate domain name, the user might consider the link safe. READ MORE...
In a new critical security advisory, VMSA-2022-0021, VMWare describes multiple vulnerabilities in several of its products, one of which has a CVSS score of 9.8. Exploiting these vulnerabilities would enable a threat actor with network access to bypass authentication and execute code remotely. VMWare patched several other vulnerabilities. These bugs would enable attackers to gain remote code execution or to escalate privileges to 'root' on unpatched servers. READ MORE...
Cisco has released a security advisory about several vulnerabilities in the Cisco Small Business RV series routers, covering the RV160, RV260, RV340, and RV345. There are no workarounds available that address these vulnerabilities, so you need to patch. The vulnerabilities are dependent on one another-exploitation of one of the vulnerabilities may be required to exploit another vulnerability. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. READ MORE...
Microsoft has warned today that Windows devices with the newest supported processors are susceptible to "data damage" on Windows 11 and Windows Server 2022. "Windows devices that support the newest Vector Advanced Encryption Standard (AES) (VAES) instruction set might be susceptible to data damage," the company revealed today. While Microsoft mentions the data loss risks on affected systems, the company does not elaborate on what customers should expect if they're hit by this issue. READ MORE...