Hackers backed by the North Korean government are weaponizing well-known pieces of open source software in an ongoing campaign that has already succeeded in compromising "numerous" organizations in the media, defense and aerospace, and IT services industries, Microsoft said on Thursday. ZINC (AKA Lazarus) has been lacing PuTTY and other legitimate open source applications with highly encrypted code that ultimately installs espionage malware.
A former National Security Agency employee appeared in federal court Thursday on charges that he attempted to transmit classified "national defense information" to an FBI agent he believed was a Russian operative in exchange for $85,000, according to the Justice Department. The former employee, Jareh Sebastian Dalke, allegedly told the undercover agent that he had access to information "relating to foreign targeting of U.S. systems and information on cyber operations," according to the affidavit.
A 40-year-old man could face up to 10 years in prison, after admitting in a US District Court to sabotaging his former employer's computer systems. Casey K Umetsu, of Honolulu, Hawaii, has pleaded guilty to charges that he deliberately misdirected a financial company's email traffic and prevented customers from reaching its website in a failed attempt to convince the firm to rehire him at a greater salary.
Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world's largest corporations. It's not clear who's behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.
Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide backdoor malware in a Windows logo. Witchetty is believed to have close ties to the state-backed Chinese threat actor APT10 (aka 'Cicada'). The group is also considered part of the TA410 operatives, previously linked to attacks against U.S. energy providers.
In the fall of 2019, after writing about how Sodinokibi ransomware affiliates bragged online about the money they were making, threat intelligence researchers with McAfee Advanced Threat Research received an interesting email. The sender turned out to be a "disgruntled internal source" upset with how other hackers boasted about earnings while they hadn't been paid.
Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild. "The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker," Microsoft said.
Canon Medical's Vitrea View is a widely used tool for securely sharing medical images between radiologists, physicians, and other healthcare providers on a patient care team. Two newly discovered vulnerabilities (collectively tracked as CVE-2022-37461) could allow threat actors to access much more than X-rays. One flaw is an unauthenticated reflected cross-site scripting (XSS) in an error message, according to a new report from Trustwave's SpiderLabs.
Inspired by the functioning of pulsed lasers, scientists from France and Japan have developed an acoustic counterpart that enables the precise and controlled transmission of single electrons between quantum nodes. The spin of an electron can serve as a basis for creating qubits, the basic unit of information of quantum computing. In order to process or store that information, the information in qubits may have to be transported between quantum nodes in a network.