The US State Department said Thursday that hackers took around 60,000 emails, although none of them classified, in an attack which Microsoft has blamed on China. Microsoft revealed in July that a Chinese hacking group had breached its email platform and accessed messages from around 25 organizations including US government agencies. "It was approximately 60,000 unclassified emails that were exfiltrated as a part of that breach," State Department spokesman Matthew Miller told reporters.
Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. The company, which employs over 100,000 people around the world, suffered a ransomware attack over the weekend which left data encrypted and caused it to shut down sections of its IT infrastructure.
U.S. and Japanese authorities warned that a state-backed cyber threat group, identified as BlackTech, is abusing firmware in Cisco and other routers to hack into companies in both countries. Officials said the group, linked to the People's Republic of China, is using custom malware and living-off-the-land techniques to infiltrate international subsidiaries of these companies and gain trusted access to computer systems inside the main headquarters at unsuspecting firms.
A novel info-stealing malware variant is lurking behind fake installation packages of the open source password manager Bitwarden, in an elaborate scheme exclusively targeting Windows users. The attack uses a fake website to distribute the packages. Researcher Jérôme Segura, senior director of threat intelligence at Malwarebytes, shared a sample of the malware - dubbed ZenRAT - with researchers at Proofpoint in August, they revealed in a blog post published this week.
Progress Software, the maker of the MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to patch a maximum severity vulnerability in its WS_FTP Server software. The company says thousands of IT teams worldwide use its enterprise-grade WS_FTP Server secure file transfer software. In an advisory published on Wednesday, Progress disclosed multiple vulnerabilities impacting the software's manager interface and Ad hoc Transfer Module.
Gaps in Cloudflare's security controls allow users to bypass customer-configured protection mechanisms and target other users from the platform itself, technology consulting firm Certitude warns. The issue, the company says, arises from the shared infrastructure that all Cloudflare tenants have access to, allowing malicious actors to abuse the trust customers place in the platform's protections to target them via Cloudflare.