Items tagged with cybersecurity
Yesterday, Microsoft reported that it had detected a 0-day remote code execution exploit being used in the wild against SolarWinds’ Serv-U FTP product. The vulnerability that allowed this exploit has since been patched, but it is still disconcerting, nonetheless.
Tracked as CVE-2021-35211, the vulnerability reported...
Read more...
Over the weekend, cybersecurity experts, forensics teams, and white-hat hackers worldwide have been battling the ransomware incident affecting Kaseya VSA customers. Now, the Florida-based IT and remote management company is reporting that fewer than 60 customers and 1,500 downstream companies have been affected by...
Read more...
Over the holiday weekend, the popular battle royale game Apex Legends was hacked, but not in the way you may expect. Rather than stealing data, encrypting files, or being generally destructive, the hackers broadcasted a message stating that Respawn Entertainment has not done enough to fight hackers in its first game...
Read more...
Before the holiday weekend got underway, the REvil hacking group kicked off a massive supply chain attack involving remote management software company Kaseya. Based out of Florida, the company only reports that 40 of its remote monitoring tool VSA on-premises customers have been affected by this. However, some of...
Read more...
Hacking group REvil, which was behind attacks such as those on Acer in early 2021, has returned in force evidently, after approximately 200 U.S. businesses were hit by ransomware overnight. It has been found that the ransomware spread through software created by Florida-based IT company Kaseya in what is another...
Read more...
Over the last couple of days, a vulnerability tracked as CVE-2021-34527 has made the rounds, making IT people quite nervous. The cybersecurity threat, also dubbed PrintNightmare, exploits a flaw within the Windows Print Spooler, allowing for remote code execution on a system. Now, Microsoft has provided mitigation...
Read more...
As cybersecurity solutions tighten up and prevent many attacks, threat actors are looking for new and innovative ways to attack systems. This has led to a rise in attacks that start “outside and below the operating system layer,” such as firmware attacks and ransomware attacks through VPN devices or other...
Read more...
Last week, hundreds if not thousands of My Book Live customers awoke to their devices being wiped and, in some cases, unrecoverable. At that time, it was simply thought that Western Digital had not patched a critical vulnerability from 2018 that allowed attackers to do this, but it seems there is more to the story...
Read more...
When people are hit by malware, it typically ends with files being locked or some other terrible outcome for the end-user. However, researchers have now discovered a piece of malware that turns the tables on people who try to pirate content by blocking illegal websites. As it turns out, perhaps not all malware is...
Read more...
Sometimes you may not know that you have been infected with malware until it is too late, as is likely the case for users across more than three million Windows-based computers globally. In a stunning revelation, in the two years between 2018 and 2020, a Trojan-like malware managed to infiltrate millions of Windows...
Read more...
A seven-year-old local privilege escalation bug has reared its head and finally got a fix. When it was available, exploiting the vulnerability in the polkit authentication service could have allowed attackers to get a root shell on several actively-used Linux distros.
On Linux, polkit is effectively a bouncer of...
Read more...
The Golden Arches are not so shiny today it seems, as the world's biggest fast-food chain, McDonald's, has been hit by an international data breach. The company reported today that hackers have stolen data containing employee and restaurant information from its South Korean, Taiwanese, and United States markets...
Read more...
Cybersecurity is a hot topic nowadays, with attacks happening frequently like the Colonial Pipeline or JBS Global ransomware attacks. Now, it appears that EA is facing its own issues after hackers allegedly managed to exfiltrate around 780GB of source code, frameworks, and engine tools from the company.
Recently...
Read more...
In May, the biggest fuel provider to the U.S. eastern seaboard was hit with ransomware from Russian hacking group DarkSide. Colonial Pipeline decided to pay the ransom to decrypt some of its files to get back to operational status, but those efforts were hampered by a slow decryption tool offered by the attackers...
Read more...
Though industrial cyberattacks, such as those on JBS Global or Colonial Pipeline, are on the rise, the problem is not exclusive to businesses. According to new research, consumer cyber threats jumped nearly 83% in 2020. With new types of malware skyrocketing, users now need to be more careful than ever.
Today, Atlas...
Read more...
Cybersecurity incidents are on the rise as of late, leaving companies floundering and threat actors perhaps a little richer. The world’s biggest meat processing company JBS has been added to the list, confirming that it recently fell victim to a cyber attack. This appears to have had rippling effects across the...
Read more...
Late last week, we reported that the SolarWinds hackers from last year, called Nobelium, were back in action targeting NGOs around the world, according to data from Microsoft. Now, the Redmond-based company is providing an update on its investigation and some context to the situation.
In January, the advanced Russian...
Read more...
The threat actors behind the SolarWinds attacks late last year have come back online and are targeting international development, humanitarian, and human rights organizations, according to new data from Microsoft. The Russian-based hacking group, called Nobelium, managed to compromise an email marketing account for...
Read more...
Cloud-based additions to mobile apps have become commonplace, but they are not always the best thing for consumers or developers. According to new research, by either misconfiguration or simple lack of security best practices, some mobile app developers have left the personal data of over 100 million people at...
Read more...
Earlier this year, one of the largest insurance providers in the U.S. was hit by a ransomware attack that managed to cripple its network and exfiltrate data. According to people familiar with the situation, CNA Financial Corp. out of Chicago, Illinois, paid $40 million to wrest control of its network back in...
Read more...
After a cybercriminal manages to breach a network, it is not all about immediately attacking the target. New research shows that these black hat hackers may lie dormant or lurk on a network for around 250 hours on average before an attack kicks off or they are detected. This means that organizations should know that...
Read more...
Over the past two weeks, Colonial Pipeline has been battling a ransomware attack that crippled fuel flow to the eastern seaboard. This was supposedly not intended to be as catastrophic as it was, but the hacking group behind the attack, DarkSide, has quite a bit of experience in ransomware. The group has reportedly...
Read more...
