Posts

Microsoft Exchange hack caused by China, US and allies say

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


WASHINGTON (AP) — The Biden administration and Western allies formally blamed China on Monday for a massive hack of Microsoft Exchange email server software and asserted that criminal hackers associated with the Chinese government have carried out ransomware and other illicit cyber operations.

The announcements, though not accompanied by sanctions against the Chinese government, were intended as a forceful condemnation of activities a senior Biden administration official described as part of a “pattern of irresponsible behavior in cyberspace.” They highlighted the ongoing threat from Chinese hackers even as the administration remains consumed with trying to curb ransomware attacks from Russia-based syndicates that have targeted critical infrastructure.

The broad range of cyberthreats from Beijing disclosed on Monday included a ransomware attack from government-affiliated hackers that targeted victims — including in the U.S. — with demands for millions of dollars. U.S officials also alleged that criminal contract hackers associated with China’s Ministry of State Security have engaged in cyber extortion schemes and theft for their own profit.

Meanwhile, the Justice Department on Monday announced charges against four Chinese nationals who prosecutors said were working with the MSS in a hacking campaign that targeted dozens of computer systems, including companies, universities and government entities. The defendants are accused of targeting trade secrets and confidential business information, including scientific technologies and infectious-disease research.

Unlike in April, when public finger-pointing of Russian hacking was paired with a raft of sanctions against Moscow, the Biden administration did not announce any actions against Beijing. Nonetheless, a senior administration official who briefed reporters said that the U.S. has confronted senior Chinese officials and that the White House regards the multination shaming as sending an important message, even if no single action can change behavior.

President Joe Biden told reporters “the investigation’s not finished,” and White House press…

Source…

Google team helps Apple, Microsoft fix browser zero-day bugs


New Delhi: Google researchers have discovered four zero-day vulnerabilities in Chrome browsers, Microsoft’s Internet Explorer, and Apple’s Safari that could compromise user data.

After the vulnerability was disclosed by Google’s Threat Analysis Group (TAG), Apple, Microsoft, and Google quickly patched these bugs.

Zero-day vulnerabilities are unknown software flaws. It can be exploited by an attacker until they are identified and fixed.

“The four exploits were used as part of three different campaigns. Similar to Google’s policy, immediately report these zero-day attacks to vendors and protect users from these attacks. A patch for this has been released to users, “Google said in a statement.

“Three of these exploits are rated as being developed by the same commercial surveillance company that sold these features to two different government-sponsored parties,” the company said.

In the first six months of this year, 33 zero-day exploits were used in the attacks published this year, 11 more than the total in 2020.

There is no one-to-one relationship between the number of zero-days used in the wild and the number of zero-days detected and disclosed in the wild.

“The attackers behind zero-day exploits generally want to hide zero-days and leave them unknown, as zero-days are most useful,” Google said.

This year, Apple began annotating security bulletins with vulnerabilities, and Google added these annotations to Android bulletins, including notes if there was reason to believe that the vulnerabilities could actually be exploited. ..

“If the vendor does not include these annotations, the only way the public can know about wild exploitation is for researchers or groups who know the exploitation to publish the information themselves,” said the TAG team. Added.

Google said improved detection and growth in the culture of disclosure are likely to contribute to a significant increase in zero-days detected in 2021 compared to 2020, but reflects a more positive trend. ing.

“It’s good to increase the detection of zero-day exploits. This will fix these vulnerabilities to protect users and give you a complete picture of the exploits that are actually occurring, so…

Source…

Internet security Market Size, Analysis, and Top Vendors – International Business Machine (IBM) Corp., Hewlett Packard, Microsoft Corp., Cisco System Inc., Intel Corporation (McAfee Inc.), Symantec Corporation


New Jersey, United States,- The Internet security Market Research Report is an in-depth study that provides industry-wide insight into existing and emerging growth patterns, end-user analysis, and other key data that have been tested and validated by experts. and industry professionals. The report studies the market for importance, share, size, demand and supply, models, competitive landscape, industry chain analysis, and other significant factors. The report also provides a detailed overview of the driving forces of the industry, along with the micro and macroeconomic factors that are likely to affect its development.

The Internet security market research report assesses the global Internet security Market industry market and includes sales and capacity forecasts for the anticipated period 2021-2028. The factors driving the growth of the industry are highlighted in the report. The report divides the Internet security market into broad categories such as forms, applications, end-user, technology, and others for better understanding. These segments are carefully examined to provide a more detailed perspective on the global and regional markets. The report also examines key industry players including their product portfolios, company overviews, strategic growth strategies, revenue generation, market share and size, geographic presence, and market size. development and manufacturing capabilities.

Internet Security Market was valued at USD 41.20 Billion in 2019 and is projected to reach USD 74.04 Billion by 2027, growing at a CAGR of 8.2% from 2020 to 2027.

The report has conducted extensive research on the market segments and sub-segments and clarified which market segment will dominate the market during the forecast period. To help clients to make informed decisions about companies’ investment plans and strategies in the Internet security market, the report involves in-depth information regarding regional market performance and competitive analysis.

The report covers…

Source…

China responsible for big Microsoft Exchange hack, US charges


The Biden administration on Monday blamed China for a hack of Microsoft Exchange email server software that compromised tens of thousands of computers around the world earlier this year.

The administration and allied nations also disclosed a broad range of other cyberthreats from Beijing, including ransomware attacks from government-affiliated hackers that have targeted companies with demands for millions of dollars. China’s Ministry of State Security has been using criminal contract hackers, who have engaged in cyber extortion schemes and theft for their own profit, according to a senior administration official. That official briefed reporters about the investigation on the condition of anonymity.

Meanwhile, the Justice Department on Monday announced charges against four Chinese nationals who prosecutors said were working with the Ministry of State Security in a hacking campaign that targeted dozens of computer systems, including companies, universities and government entities.

The announcements highlighted the ongoing cyberthreat posed by Chinese government hackers even as the administration has been consumed with trying to curb ransomware attacks from Russia-based syndicates that have targeted critical infrastructure, including a massive fuel pipeline. Even though the finger-pointing was not accompanied by any sanctions of Beijing, a senior administration official who disclosed the actions to reporters said that the U.S. has confronted senior Chinese officials and that the White House regards the multination public shaming as sending an importance message.

Feds offer $10M in rewards for information about hackers, ransomware

That hackers affiliated with the Ministry of State Security carried out a ransomware attack was surprising and concerning to the U.S. government, the senior administration official said. But the attack, in which an unidentified American company received a high-dollar ransom demand, also gave U.S. officials new insight into what the official said was “the kind of aggressive behavior that we’re seeing coming out of China.”

The European Union and Britain also pointed the finger at China. The EU said malicious cyber activities with…

Source…