
15946 matches found

ThreatPost
added 2021/06/15 8:51 p.m., 90 views

Millions of Connected Cameras Open to Eavesdropping

Millions of connected security and home cameras contain a critical software vulnerability that can allow remote attackers to tap into video feeds, according to a warning from the Cybersecurity and Infrastructure Security Agency (CISA). The bug (CVE-2021-32934), with a CVSS v3 base score of 9.1 has be...

CVSS 9.1, AI score 8.4, EPSS 0.0011
Exploits: 0, References: 10
ThreatPost
added 2021/06/15 5:5 p.m., 42 views

Malicious PDFs Flood the Web, Lead to Password-Snarfing

The pushers behind the SolarMarker backdoor malware are flooding the web with PDFs stuffed with keywords and links that redirect to the password-stealing, credential-snarfing malware. Microsoft Security Intelligence said in a Tweet on Friday that the SolarMarker (also known as Jupyter) makers are...

AI score 7.3
Exploits: 0, References: 10
ThreatPost
added 2021/06/15 4:46 p.m., 37 views

Microsoft Disrupts Large, Cloud-Based BEC Campaign

Threat hunters at Microsoft recently uncovered and disrupted infrastructure that powered a large-scale business email compromise (BEC) campaign. The infrastructure was hosted on multiple cloud platforms, which allowed it to stay under the radar for quite some time. “The attackers performed discrete...

AI score 6.4
Exploits: 0, References: 6
ThreatPost
added 2021/06/15 2:47 p.m., 29 views

Insider Risks In the Work-From-Home World

The employee who exfiltrated data after being fired. The employees who exposed 250 million customer records. The employee who stole trade secrets to get a leg up in his next job because hey, after all, it’s “his” work that he’s taking, right? Those are our traditional notions of insider risk and...

AI score 7.1
Exploits: 0, References: 1
ThreatPost
added 2021/06/15 2:47 p.m., 30 views

SASE & Zero Trust: The Dream Team

Zero Trust: We’ve been kicking that term around since 2003, but what exactly is it? In a nutshell, it’s not treating computers like humans, says Chase Cunningham, chief strategy officer at Ericom Software. Zero trust means “not putting trust relationships inside of computerized systems…and what we...

AI score 7.1
Exploits: 0, References: 1
ThreatPost
added 2021/06/15 12:39 p.m., 130 views

Microsoft Gets Second Shot at Banning hiQ from Scraping LinkedIn User Data

The U.S. Supreme Court has granted LinkedIn another legal option to try to prevent rival hiQ Labs from scraping public information from its user profiles, something the Microsoft-owned professional networking platform has claimed is a violation of user privacy and a misuse of its data. The court...

AI score 7
Exploits: 0, References: 7
ThreatPost
added 2021/06/15 11:43 a.m., 144 views

Apple Hurries Patches for Safari Bugs Under Active Attack

Apple issued two out-of-band security fixes for its Safari web browser, fixing zero-day vulnerabilities that “may have been actively exploited,” according to a Monday security bulletin by the company. The bugs affect sixth-generation Apple iPhones, iPads and iPod touch model hardware, released...

CVSS 8.8, AI score 10, EPSS 0.00509
Exploits: 0, References: 9
ThreatPost
added 2021/06/14 8:45 p.m., 49 views

Utilities ‘Concerningly’ at Risk from Active Exploits

The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months — something analysts called out as a “concerning datapoint,” and an important reminder that ransomware isn’t the only threat utility networks need to secure against. A new...

AI score 6.3
Exploits: 0, References: 7
ThreatPost
added 2021/06/14 8:26 p.m., 131 views

Microsoft Teams: Very Bad Tabs Could Have Led to BEC

Attackers could have stepped through a yawning security hole in Microsoft Teams chat service that would have let them masquerade as a targeted company’s employee by reading and sending email on their behalf. On Monday, Tenable’s Evan Grant explained in a post that he found the bug in Microsoft...

AI score 6.6
Exploits: 0, References: 14
ThreatPost
added 2021/06/14 8:26 p.m., 127 views

Microsoft Teams: Very Bad Tabs Could Have Led to BEC

Attackers could have stepped through a yawning security hole in the Microsoft Teams chat service that would have let them masquerade as a targeted company’s employee, by reading and sending email on their behalf. On Monday, Tenable’s Evan Grant explained in a post that he found the bug in Microso...

AI score 6.7
Exploits: 0, References: 14
ThreatPost
added 2021/06/14 5:43 p.m., 372 views

Moobot Milks Tenda Router Bugs for Propagation

A variant of the Mirai botnet called Moobot saw a big spike in activity recently, with researchers picking up widespread scanning in their telemetry for a known vulnerability in Tenda routers. It turns out that it was being pushed out from a new cyber-underground malware domain, known as Cyberium...

CVSS 10, AI score 9.2, EPSS 0.94031
Exploits: 10, References: 10
ThreatPost
added 2021/06/14 3:12 p.m., 59 views

Volkswagen Vendor Exposed Data of 3.3m Drivers

One of Volkswagen’s vendors left one of its systems open for nearly two years, exposing the personal data of 3.3 million customers – nearly all of them owners or wannabe owners of the automaker’s luxury brand of Audis – Volkswagen America said last week. The breach took place between August 2019...

AI score 6.4
Exploits: 0, References: 10
ThreatPost
added 2021/06/11 9:9 p.m., 207 views

Bugs Lurking in Cisco UC Provisioning Platform

The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution (RCE) with elevated privileges, researchers said. They...

CVSS 10, AI score 7.8, EPSS 0.10034
Exploits: 3, References: 5
ThreatPost
added 2021/06/11 6:29 p.m., 36 views

Baby Clothes Giant Carter’s Leaks 410K Customer Records

Baby clothes retailer Carter’s inadvertently exposed the personal data of hundreds of thousands of its customers, dating back years, according to a new disclosure. The issue started with Linc, which is a vendor the company used to automate purchases online, according to analysts with vpnMentor wh...

AI score 7.1
Exploits: 0, References: 7
ThreatPost
added 2021/06/11 6:16 p.m., 217 views

REvil Hits US Nuclear Weapons Contractor: Report

Sol Oriens, a subcontractor for the U.S. Department of Energy (DOE) that works on nuclear weapons with the National Nuclear Security Administration (NNSA), last month was hit by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service (RaaS) gang. The Albuquerque, N.M...

AI score 7.2
Exploits: 0, References: 20
ThreatPost
added 2021/06/11 4:39 p.m., 37 views

Cyberpunk 2077 Hacked Data Circulating Online

New data from the February hack of CD Projekt Red, the videogame-development company behind Cyberpunk 2077 and the Witcher series, is circulating online. Earlier this year, the company suffered a ransomware attack in which a cyberattack group believed by some to be the HelloKitty gang “gained...

AI score 7.3
Exploits: 0, References: 11
ThreatPost
added 2021/06/11 2:23 p.m., 57 views

Monumental Supply-Chain Attack on Airlines Traced to State Actor

A monster cyberattack on SITA, a global IT provider for 90 percent of the world’s airline industry, is slowly unfurling to reveal the largest supply-chain attack on the airline industry in history. The enormous data breach, estimated to have already impacted 4.5 million passengers, has potentiall...

AI score 0.7
Exploits: 0, References: 9
ThreatPost
added 2021/06/11 12:42 p.m., 45 views

Police Grab Slilpp, Biggest Stolen-Logins Market

The U.S. Department of Justice (DOJ) announced on Thursday that a multinational operation has led to the seizure of Slilpp, a well-known marketplace for selling stolen online logins that offered more than 80 million sets of credentials for sale. Since 2012, Slilpp has been an underground market to...

AI score 7.1
Exploits: 0, References: 8
ThreatPost
added 2021/06/11 11:43 a.m., 43 views

Hackers Steal FIFA 21 Source Code, Tools in EA Breach

Hackers have breached computer game maker Electronic Arts (EA) and stolen source code and related tools for the company’s extensive game library, the company has confirmed. EA said it’s investigating “a recent incident of intrusion into our network where a limited amount of game source code and...

AI score 7.7
Exploits: 0, References: 9
ThreatPost
added 2021/06/10 9:54 p.m., 287 views

‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoSes

A distributed denial-of-service (DDoS) extortion group has blazed back on the cybercrime scene, this time under the name of “Fancy Lazarus.” It’s been launching a series of new attacks that may or may not have any teeth, researchers said. The new name is a tongue-in-cheek combination of the...

AI score 6.4
Exploits: 0, References: 11
ThreatPost
added 2021/06/10 8:7 p.m., 562 views

Chrome Browser Bug Under Active Attack

Google is warning that a bug in its Chrome web browser is actively under attack, and it is urging users to upgrade to the latest 91.0.4472.101 version to mitigate the issue. In all, Google rolled out fixes for 14 bugs impacting its Windows, Mac and Linux browsers as part of its June update to the...

CVSS 9.3, AI score 8.8, EPSS 0.88658
Exploits: 5, References: 9
ThreatPost
added 2021/06/10 6:58 p.m., 51 views

STEM Audio Table Rife with Business-Threatening Bugs

The STEM Audio Table conference-room speaker has a security vulnerability that would allow unauthenticated remote code execution (RCE) as root – paving the way for eavesdropping on conversations, denial of service, lateral movement throughout enterprise networks and more. And, there are multiple...

AI score 9.9
Exploits: 0, References: 5
ThreatPost
added 2021/06/10 4:26 p.m., 58 views

Microsoft: Big Cryptomining Attacks Hit Kubeflow

Microsoft has spotted a new, widespread, ongoing attack targeting Kubernetes clusters running Kubeflow instances, in order to plant malicious TensorFlow pods that are used to mine for cryptocurrency. The Kubeflow open-source project is a popular framework for running machine learning (ML) tasks in...

AI score 8
Exploits: 0, References: 10
ThreatPost
added 2021/06/10 3:51 p.m., 51 views

Steam Gaming Platform Hosting Malware

UPDATE Look out for SteamHide, an emerging malware that disguises itself inside profile images on the gaming platform Steam, which researchers think is being developed for a wide-scale campaign. The Steam platform merely serves as a vehicle which hosts the malicious file, according to research fr...

AI score 7.3
Exploits: 0, References: 8
ThreatPost
added 2021/06/10 1:14 p.m., 213 views

JBS Paid $11M to REvil Gang Even After Restoring Operations

JBS Foods paid the equivalent of $11 million in ransom after a cyber-attack that forced the company to shut down some operations in the United States and Australia over the Memorial Day weekend. The company made the payment to cybercriminals to ensure the protection of its data and mitigate any...

AI score 7
Exploits: 0, References: 14
ThreatPost
added 2021/06/09 5:24 p.m., 58 views

Mysterious Custom Malware Collects Billions of Stolen Data Points

Researchers have uncovered a 1.2-terabyte database of stolen data, lifted from 3.2 million Windows-based computers over the course of two years by an unknown, custom malware. The heisted info includes 6.6 million files and 26 million credentials, and 2 billion web login cookies – with 400 million...

AI score 6.8
Exploits: 0, References: 7
ThreatPost
added 2021/06/09 4:17 p.m., 119 views

Intel Plugs 29 Holes in CPUs, Bluetooth, Security

Intel has unleashed 29 security advisories to plug up some serious bugs in the BIOS firmware for Intel processors, as well as in its Bluetooth products, Active Management Technology tools, the NUC Mini PC line, and, ironically, in its own security library. Details about the advisories can be foun...

CVSS 8.1, AI score 7.2, EPSS 0.0042
Exploits: 2, References: 18
ThreatPost
added 2021/06/09 12:58 p.m., 52 views

DarkSide Pwned Colonial With Old VPN Password

It took only one dusty, no-longer-used password for the DarkSide cybercriminals to breach the network of Colonial Pipeline Co. last month, resulting in a ransomware attack that caused significant disruption and remains under investigation by the U.S. government and cybersecurity experts. Attacker...

AI score 7.7
Exploits: 0, References: 13
ThreatPost
added 2021/06/08 9:45 p.m., 272 views

Microsoft Patch Tuesday Fixes 6 In-The-Wild Exploits

Microsoft jumped on 50 vulnerabilities in this month’s Patch Tuesday update, issuing fixes for CVEs in Microsoft Windows, .NET Core and Visual Studio, Microsoft Office, Microsoft Edge (Chromium-based and EdgeHTML), SharePoint Server, Hyper-V, Visual Studio Code – Kubernetes Tools, Windows HTML...

CVSS 9.6, AI score 9.8, EPSS 0.88708
Exploits: 8, References: 21
ThreatPost
added 2021/06/08 8:45 p.m., 115 views

Lewd Phishing Lures Aimed at Business Explode

Attackers have amped up their use of X-rated phishing lures in business email compromise (BEC) attacks. A new report found a stunning 974-percent spike in social-engineering scams involving suggestive materials, usually aimed at male-sounding names within a company. The Threat Intelligence team wit...

AI score 6.8
Exploits: 0, References: 3
ThreatPost
added 2021/06/08 8:28 p.m., 23 views

TrickBot Coder Faces Decades in Prison

The U.S. Department of Justice announced on Friday the arraignment of a Latvian for her alleged role in creating and operating the infamous TrickBot malware. Alla Witte, who is known in cybercrime circles by the handle “Max,” was arrested in February in Miami. According to the indictment, she’s o...

AI score 7.4
Exploits: 0, References: 9
ThreatPost
added 2021/06/08 7:2 p.m., 124 views

Google Patches Critical Android RCE Bug

Google patched more than 90 security vulnerabilities in its Android operating system impacting its Pixel devices and third-party Android handsets, including a critical remote code-execution bug that could allow an attacker to commandeer a targeted vulnerable mobile device. That bug CVE-2021-0507...

CVSS 9.8, AI score 8.3, EPSS 0.0441
Exploits: 4, References: 6
ThreatPost
added 2021/06/08 5:2 p.m., 139 views

‘An0m’ Encrypted-Chat Sting Leads to Arrest of 800

Law enforcement agencies have been selling encrypted phones to organized crime gangs for years, monitoring their conversations in what’s being called the biggest law enforcement sting ever. Since 2018, agencies have been overseeing the distribution of hardened, encrypted devices that have enabled...

AI score 6.9
Exploits: 0, References: 16
ThreatPost
added 2021/06/08 1:0 p.m., 33 views

Application Layer is Still the Front Door for Data Breaches

By Terry Ray, SVP and Fellow, Imperva Each year, the number of data breaches grows by 30% while the number of records compromised increases by an average of 224%. 2021 is far from over, but we’re already on pace for another record-setting year. In fact, Imperva research finds that more records we...

AI score 8.6
Exploits: 0, References: 2
ThreatPost
added 2021/06/08 12:30 p.m., 28 views

Evil Corp Impersonates PayloadBin Group to Avoid Federal Sanctions

The criminal group Evil Corp is trying to mask its latest activity by using previously unknown ransomware called PayloadBin, according to researchers. The move is believed to be an attempt to confuse law enforcement and avoid sanctions imposed by the U.S. federal government against entities it...

AI score 7.1
Exploits: 0, References: 11
ThreatPost
added 2021/06/07 8:54 p.m., 54 views

FBI Claws Back Millions of DarkSide’s Ransom Profits

United States law enforcement has clawed back approximately $2.3 million of the ransom allegedly paid to DarkSide by Colonial Pipeline last month, the Department of Justice (DOJ) and FBI announced in a joint press conference on Monday. “Today we turned the tables on DarkSide,” FBI Deputy Director...

AI score 7.5
Exploits: 0, References: 11
ThreatPost
added 2021/06/07 7:37 p.m., 39 views

Bad Apple: App Store Rife with Fraud, Fleeceware

A new analysis from the Washington Post reveals just how widespread fraud is across the Apple App Store, while also offering a glimpse into the revenue flowing into Cupertino generated by those malicious activities. The Apple App Store has been under heightened scrutiny for maintaining its iron gri...

AI score 6.8
Exploits: 0, References: 8
ThreatPost
added 2021/06/07 6:49 p.m., 680 views

Novel ‘Victory’ Backdoor Spotted in Chinese APT Campaign

An ongoing surveillance operation has been uncovered that targets a Southeast Asian government, researchers said – using a previously unknown espionage malware. According to Check Point Research, the attack involves spear-phishing emails with malicious Word documents to gain initial access, along...

CVSS 9.3, AI score 9.2, EPSS 0.94354
Exploits: 36, References: 8
ThreatPost
added 2021/06/07 5:18 p.m., 50 views

Windows Container Malware Targets Kubernetes

Windows containers have been victimized for over a year by the first known malware to target Windows containers. The ongoing campaign pierces Kubernetes clusters so as to plant backdoors, allowing attackers to steal data and user credentials, or even hijack entire databases hosted in a cluster...

AI score 7.7
Exploits: 0, References: 17
ThreatPost
added 2021/06/04 8:21 p.m., 58 views

Cyberattack Suspected in Cox TV and Radio Outages

A reported ransomware attack on Cox Media Group (CMG) has crippled streaming and other internal operations of dozens of radio and television stations scattered across America’s 20 broadcast markets. CMG won’t comment on the reported attack and hasn’t responded to a request for comment. A member...

AI score 7.1
Exploits: 0, References: 6
ThreatPost
added 2021/06/04 2:15 p.m., 40 views

Supreme Court Limits Scope of Controversial Hacking Law

The United States Supreme Court has ruled that a police officer who received money for obtaining data from a law-enforcement database for an associate did not violate a controversial federal hacking law, marking a victory for the ethical hacking community by limiting the law’s scope. In a landmar...

AI score 6.9
Exploits: 0, References: 6
ThreatPost
added 2021/06/04 1:19 p.m., 45 views

REvil Ransomware Gang Spill Details on US Attacks

Cybercriminals behind the JBS Foods ransomware attack claim they had no intent to target United States-based firms. The group, identified as the Sodinokibi (REvil) ransomware gang, also said it was not afraid of being labeled a cyber-terrorist group. A spokesperson for REvil shared its positions in...

AI score 7.1
Exploits: 0, References: 8
ThreatPost
added 2021/06/03 10:6 p.m., 62 views

‘Battle for the Galaxy’ Mobile Game Leaks 6M Gamer Profiles

An Elasticsearch server holding personal data of 6 million players of the popular mobile game Battle for the Galaxy was discovered insecure and containing over 1 terabyte of unencrypted data, meaning anyone with a link could access data stored on the repository. Ethical hackers WizCase found the...

AI score 6.3
Exploits: 0, References: 9
ThreatPost
added 2021/06/03 6:20 p.m., 66 views

Google PPC Ads Used to Deliver Infostealers

Researchers have tracked down the origins of several increasingly prevalent info-stealers – including Redline, Taurus, Tesla and Amadey – that threat actors are delivering via pay-per-click (PPC) ads in Google’s search results. On Wednesday, breach prevention firm Morphisec posted an advisory in...

AI score 6.9
Exploits: 0, References: 12
ThreatPost
added 2021/06/03 12:47 p.m., 66 views

Exchange Servers Targeted by ‘Epsilon Red’ Malware

Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research. Researchers from security firm Sophos detected the new ransomware,...

AI score 7
Exploits: 0, References: 11
ThreatPost
added 2021/06/03 12:0 p.m., 41 views

Securing Privileged Access Within Healthcare Orgs

Healthcare organizations have always been high-value targets for cybercriminals, as their networks store large volumes of personally identifiable information (PII) including Social Security numbers, dates of birth, addresses and very sensitive personal health data. Since the beginning of the COVID-...

AI score 7
Exploits: 0, References: 2
ThreatPost
added 2021/06/02 8:33 p.m., 53 views

Podcast: The State of Ransomware

Last month, ransomware group DarkSide targeted operator Colonial Pipeline Co., disrupting fuel supply in the Eastern part of the U.S. The attack on a major U.S. oil pipeline had widespread ripples: it prompted President Joe Biden to declare a state of emergency and caused substantial pain at gas...

AI score 7.1
Exploits: 0, References: 12
ThreatPost
added 2021/06/02 8:29 p.m., 42 views

Effective Adoption of SASE in 2021

Think back to mid-2019: People had already been moving to the cloud, having talked about digital transformation for years. Then, March 2020 shoved transformation into hyperdrive: Suddenly, there was a mass exodus from the office, and everybody was working from home. That’s when the old ways of...

AI score 7.3
Exploits: 0, References: 1
ThreatPost
added 2021/06/02 7:44 p.m., 45 views

Banking Attacks Surge Along with Post-COVID Economy

For many, COVID-19 has been a crushing catastrophe. But for bank scammers, it’s shaped up to be a nice little money-making opportunity. As the post-pandemic economy roars back to life, cybercriminals are using a new whirlwind of transactions as cover to launch an extraordinary number of bank frau...

AI score 6.8
Exploits: 0, References: 9
ThreatPost
added 2021/06/02 3:52 p.m., 52 views

REvil Ransomware Ground Down JBS: Sources

The cyberattack that flattened operations at JBS Foods over the weekend was indeed a ransomware strike, the global food distributor has confirmed to the Biden administration, with sources pointing to the REvil Group as the responsible gang. Four people familiar with the matter who weren’t...

AI score 7
Exploits: 0, References: 22

Total number of security vulnerabilities: 15946