Tag Archive for: Roundup

Security Roundup: Leak of Top-Secret US Intel Risks a New Wave of Mass Surveillance


US defense secretary Lloyd Austin on Thursday said he was considering “additional measures necessary to safeguard our nation’s secrets,” and he ordered a review of “our intelligence access, accountability, and control procedures within the department to inform our efforts to prevent this kind of incident from happening again.”

Hackers who claim to have breached data storage company Western Digital earlier this month say they are holding 10 terabytes of stolen data hostage and are ready to publish it unless the company pays a “minimum 8 figure” ransom, TechCrunch reports. 

An individual who says they carried out the hack spoke to TechCrunch on Thursday, claiming to have reams of customer information. While the hacker showed TechCrunch screenshots of internal emails and contact information of Western Digital’s employees, it’s still unclear exactly what data has been stolen.

“Cut the crap, get the money, and let’s both go our separate ways,” the hackers wrote in an email to several company executives. “Simply put, let us put our egos aside and work to find a resolution to this chaotic scenario.” 

A secretive Israeli spyware company’s hacking tools have been used to target politicians and journalists in at least 10 countries, according to research by Microsoft and the University of Toronto’s Citizen Lab made public Tuesday. 

The company, QuaDream, is a small, low-profile Israeli firm that develops smartphone hacking tools intended for government clients. The firm was established in 2016 by former employees of NSO Group, the maker of the Pegasus spyware.

The QuaDream spyware targeted older versions of Apple’s iOS phone software, and it worked by sending malicious calendar invites that would not be seen by the targets, researchers say.

According to the report, Citizen Lab has located QuaDream servers in Bulgaria, the Czech Republic, Hungary, Ghana, Israel, Mexico, Romania, Singapore, the United Arab Emirates, and Uzbekistan. 

WhatsApp has introduced a new security feature that makes it harder for scammers to steal users’ accounts. The feature will require individuals who download WhatsApp to a new device to use their old device to confirm their account….


Email Security News Round-Up [November 2022]


Email security issues plague every single business because email is an easy point of failure for scammers and hackers to exploit. Your business is vulnerable to cyberattacks if you don’t take the necessary steps to secure your email domain and IT infrastructure.

When it comes to cybersecurity, it seems the news headlines are never ending, and this month was no different.

Keep reading for more on the latest cybersecurity and email security news.

We kick off our monthly email security news round-up with the story of a new and dangerous phishing campaign.

On November 17th, security experts at Armorblox reported a credential phishing attack targeting 22,000 students. The campaign exploited and impersonated the popular social media platform Instagram to trick students from national educational institutions.

The threat actors made the phishing email look as though it originated from Instagram Support, with the sender’s name, Instagram handle, and email address all matching legitimate Instagram credentials.

The email phishing campaign used social engineering tactics and a false sense of urgency indicating that the victim’s Insta account was breached. It included a malicious link that redirected users to a fake landing page with Instagram branding and details around the “unusual login attempt” detected, with a ‘This Wasn’t Me’ button.

Upon clicking the button, victims were then redirected to another fake landing web page to enter their sensitive account details. By doing so, they unknowingly handed over their credentials to the bad actors.

Surprisingly, this email attack bypassed native Microsoft email security controls and email authentication checks using the domain “instagramsupport.net,” whereas the official Instagram domain ends with “.com.”

A China-based cybercriminal group has been exploiting the popularity and trust of famous international brands with a large-scale phishing campaign since 2019.

Banking, retail, travel, and energy are among the industries the threat actors have exploited, with 42,000 imposter domains reportedly registered. Victims are tricked into spreading the campaign via WhatsApp with the promise of financial rewards or…


Deserialized web security roundup – Fortinet, Citrix bugs; another Uber breach; hacking NFTs at Black Hat


Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news


Our second web security roundup begins with news that a brace of network security flaws in products from Fortinet and Citrix have each come under active attack.

These attacks were respectively enabled by memory corruption vulnerabilities in the FortiOS SSL-VPN as well as a critical arbitrary code execution risk in Citrix ADC and Citrix Gateway (CVE-2022-27518). It’s unclear whether these assaults are linked, but their occurrence can still be said to underline the importance of patching SSL VPN devices, which have previously been vectors for pushing ransomware onto enterprise networks, among other attacks.

Uber this week suffered a data breach as a result of a cybersecurity incident at a third-party vendor, resulting in the exposure of employees’ personal information. The incident represents only the latest security breach to impact the ride-hailing app firm, which was previously faulted for the delayed disclosure of a 2016 breach that exposed the account records of customers and drivers. More recently, back in September, Uber’s internal IT systems were breached by a social engineering attack.

Over at Black Hat Europe, security researcher Nitesh Dhanjani discussed the impact of floor prices of non-fungible token (NFT) collections and how attacks focused on business dynamics have the potential to wreak havoc on marketplaces. Dhanjani also spoke about off-chain and on-chain sync algorithms, and how the disparities between the two blockchain-related environments can be abused.

I also attended the event for The Daily Swig, reporting on a keynote in which security researcher Daniel Cuthbert said the industry’s fixation on zero-day vulnerabilities was only a partial solution to making the internet fundamentally secure. We also covered some of the top hacking tools from the event.

Among other stories on The Daily Swig in recent days were an Akamai WAF bypass via Spring Boot, SQL injection payloads being smuggled past WAFs, and a crypto maintainer rejecting a bogus cryptocurrency ‘vulnerability’ submitted with the help of ChatGPT.

Here are…


Cybersecurity News Round-Up: Week of October 10, 2022


Australian police secret agents exposed in Colombian data leak, White House to roll out Energy Star-like ratings for IoT, a new data breach at Toyota

*** This is a Security Bloggers Network syndicated blog from Blog Feed authored by Blog Feed. Read the original post at: https://www.globalsign.com/en/blog/cybersecurity-news-round-week-october-10-2022
