News in the Security category

SolarWinds hackers breach agency in charge of US nuclear weapons

Nation-state hackers have breached the networks of the National Nuclear Security Administration (NNSA) and the US Department of Energy (DOE).
- Sergiu Gatlan
- December 17, 2020
- 04:29 PM
- 0
Bouncy Castle fixes crypto API authentication bypass flaw

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. When exploited, the vulnerability (CVE-2020-28052) can allow an attacker to gain access to user and administrator accounts due to a cryptographic weakness in the manner passwords are checked.
- Ax Sharma
- December 17, 2020
- 03:26 PM
- 0
Nation-state hackers breached US think tank thrice in a row

An advanced hacking group believed to be working for the Russian government has compromised the internal network of a think tank in the U.S. three times.
- Ionut Ilascu
- December 17, 2020
- 03:17 PM
- 0
Ransomware masquerades as mobile version of Cyberpunk 2077

A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game that is installing a ransomware calling itself CoderWare.
- Lawrence Abrams
- December 17, 2020
- 02:01 PM
- 0
CISA: Hackers breached US govt using more than SolarWinds backdoor

The US Cybersecurity and Infrastructure Security Agency (CISA) said that the APT group behind the recent compromise campaign targeting US government agencies used more than one initial access vector.
- Sergiu Gatlan
- December 17, 2020
- 12:48 PM
- 1
Iranian nation-state hackers linked to Pay2Key ransomware

Iranian-backed hacking group Fox Kitten has been linked to the Pay2Key ransomware operation that has recently started targeting organizations from Israel and Brazil.
- Sergiu Gatlan
- December 17, 2020
- 12:01 PM
- 0
WordPress plugin with 5 million installs has a critical vulnerability

The team behind a popular WordPress plugin has disclosed a critical file upload vulnerability and issued a patch. The vulnerable plugin, Contact Form 7, has over 5 million active installations making this upgrade a necessity for WordPress site owners out there.
- Ax Sharma
- December 17, 2020
- 10:52 AM
- 0
FBI, CISA officially confirm US govt hacks after SolarWinds breach

The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence (ODNI).
- Sergiu Gatlan
- December 17, 2020
- 09:39 AM
- 0
Holiday deal: 40% off Malwarebytes Premium and Teams

Malwarebytes is running a holiday deal where you can get 40% off Malwarebytes Premium and the Malwarebytes for Teams business product for a limited time.
- Lawrence Abrams
- December 17, 2020
- 06:30 AM
- 0
Malicious Chrome, Edge extensions with 3M installs still in stores

Malicious Chrome and Edge browser extensions with over 3 million installs, most of them still available on the Chrome Web Store and the Microsoft Edge Add-ons portal, are capable of stealing users' info and redirecting them to phishing sites.
- Sergiu Gatlan
- December 16, 2020
- 05:04 PM
- 1
FireEye, Microsoft create kill switch for SolarWinds backdoor

Microsoft, FireEye, and GoDaddy have collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself.
- Lawrence Abrams
- December 16, 2020
- 04:21 PM
- 1
Emulated mobile devices used to steal millions from US, EU banks

Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack.
- Sergiu Gatlan
- December 16, 2020
- 12:26 PM
- 0
Malicious RubyGems packages used in cryptocurrency supply chain attack

New malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users.
- Lawrence Abrams
- December 16, 2020
- 11:00 AM
- 0
HPE discloses critical zero-day in server management software

Hewlett Packard Enterprise (HPE) has disclosed a zero-day bug in the latest versions of its proprietary HPE Systems Insight Manager (SIM) software for Windows and Linux.
- Sergiu Gatlan
- December 16, 2020
- 09:55 AM
- 0
Ransomware gangs automate payload delivery with SystemBC malware

SystemBC, a commodity malware sold on underground marketplaces, is being used by ransomware-as-a-service (RaaS) operations to hide malicious traffic and automate ransomware payload delivery on the networks of compromised victims.
- Sergiu Gatlan
- December 16, 2020
- 09:00 AM
- 0
Microsoft to quarantine compromised SolarWinds binaries tomorrow

Microsoft has announced today that Microsoft Defender will begin quarantining compromised SolarWind Orion binaries starting tomorrow morning.
- Lawrence Abrams
- December 15, 2020
- 04:46 PM
- 0
New Windows malware may soon target Linux, macOS devices

Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS.
- Sergiu Gatlan
- December 15, 2020
- 01:50 PM
- 0
Pandemic year increases bug bounties and report submissions

Vulnerability submissions have increased over the past 12 months on at least one crowdsourced security platform, with critical issue reports recording a 65% jump.
- Ionut Ilascu
- December 15, 2020
- 11:18 AM
- 0
Ransomware attack causing billing delays for Missouri city

The City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city's services.
- Lawrence Abrams
- December 15, 2020
- 11:09 AM
- 0
Critical Golang XML parser bugs can cause SAML authentication bypass

This week, Mattermost, in coordination with Golang has disclosed 3 critical vulnerabilities within Go language's XML parser. If exploited, these vulnerabilities, also impacting multiple Go-based SAML implementations, can lead to a complete bypass of SAML authentication which powers prominent web applications today.
- Ax Sharma
- December 14, 2020
- 08:23 PM
- 0