Tag Archive for: NationState

Nation-state hackers are already exploiting the scary Log4j vulnerability


Security researchers recently stunned the world with the Log4Shell hack, revealing that the entire internet is scrambling to patch a vulnerability in a widely used Java utility that many companies employ in their servers. Also known as the Log4j hack, the security issue allows hackers to get into computer systems without a password. We saw the first proof of concept in Minecraft, where hackers used text messages to control a computer remotely.

Unlike other massive security breaches, the fix for Log4j isn’t simple, and end-users can’t do anything about it themselves. It’s up to companies to patch the vulnerability. And each provider of an internet product will have to ensure that Log4j attacks can’t breach their servers. Researchers have now discovered that nation-state hackers from China, Iran, and North Korea are already looking into exploiting the scary vulnerability.

Unpatched Log4j servers would allow hackers to breach computer systems and perform all sorts of malicious activities. Security companies have said that hackers could steal information once inside a server system. They could install other programs remotely, with some attackers deploying crypto-mining tools via the Log4j vulnerability.

But nation-states could mount significantly larger campaigns, especially the kind of attackers that routinely appear in cybersecurity briefings. A new report in The Wall Street Journal mentions some of the countries that are looking to exploit Log4j.

Nation-state hackers targeting Log4j

The list includes China, Iran, North Korea, and Turkey. Surprisingly, Russia doesn’t appear in these early Log4j security reports.

The data doesn’t come from the US government, but rather private firms. Microsoft and Mandiant have already observed hacking groups that were previously linked to China and Iran targeting Log4j. Microsoft also identified nation-backed hackers from North Korea and Turkey.

The company said that some hackers are just experimenting with Log4j. Others are trying to break in.

One of the groups exploiting the new Java hack is the same China-backed team…


Nation-State Hacking Campaigns Targeting COVID-19 Research Firms


By Jessica Davis

COVID-19 vaccine developers and research firms are again facing targeted cyberattacks, with an ongoing campaign led by nation-state hackers with ties to North Korea and Russia, according to Microsoft.

Researchers have observed nation-state threat actors targeting seven firms leading COVID-19 vaccine and treatment research, including pharmaceutical companies and researchers in the US, Canada, France, India, and South Korea.

The campaigns are led by the Russian hacking group known as Strontium and North Korean hackers, Zinc and Cerium.

Cybercriminals have ramped up their malicious attacks throughout the pandemic, from phishing attacks and fraud schemes tied to the coronavirus, to nation-state attacks on coronavirus research and human-operated ransomware attacks on the healthcare sector.

Most recently, a joint alert from the FBI and the Departments of Health and Human Services and Homeland Security warned of a wave of ransomware attacks on healthcare entities, which has already claimed at least a dozen victims.

The latest hacking campaign is primarily focused on COVID-19 vaccine manufacturers in various stages of clinical trials, including one clinical research foundation involved in clinical trials and one firm that developed a COVID-19 test, Tom Burt, Microsoft’s corporate vice president, customer security and trust, explained in a blog post.

Several targeted organizations are contracted with or have investments from the government to work on research tied to the virus.

The Russian-backed Strontium attacks leverage brute-force login or password-spray attacks, which are designed to break into users' accounts using thousands or millions of rapid attempts.

Meanwhile, Zinc primarily uses spear-phishing lures masked as fabricated job descriptions sent from recruiters in an effort to steal credentials. The other North Korean-tied campaign, Cerium, also focuses on spear-phishing emails that use COVID-19 themes purportedly sent from fake World Health Organization representatives.

Microsoft was able to block the majority of the attempts, and…


Secret document says WikiLeaks cable leaks disrupted tracking of nation-state hackers – TechCrunch