A planned Biden administration executive order will require many software vendors to notify their federal government customers when the companies have a cybersecurity breach, according to a draft seen by Reuters. A National Security Council spokeswoman said no decision has been made on the final content of the executive order. The order could be released…
Beware of this malicious Android system update | IT Security News 29. March 2021 Cybersecurity firm Zimperium has uncovered a latest mobile security threat as a critical system update that is actually a sophisticated malware that steals data and conduct espionage on targeted smart phones. Zimperium zLabs says that the malware has capability of sending…
Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of the Department of Homeland Security and members of the department’s cybersecurity staff whose jobs included hunting threats from foreign countries, The Associated Press has learned. The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is…
PHP’s Git Server Hacked to Insert Secret Backdoor to Its Source code | IT Security News 29. March 2021 In yet another instance of a software supply chain attack, unidentified actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code.The two malicious…
Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing information in thousands of legitimate iOS and Android apps (you can read more about it in our blog). This week, zLabs is warning Android users about a sophisticated new malicious app. The new malware disguises…
Facebook finally identifies the Chinese hackers that are targeting Uyghurs in the United States. The giant tech firm confirmed that these cybercriminals are secretly spying on the Uyghurs who are living abroad in Kazakhstan, Turkey, the U.S., and other countries. (Photo : Photo by Sean Gallup/Getty Images)A participant sits with a laptop computer as he…
New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t me. The Shadowserver Foundation, a nonprofit that helps network owners identify and fix security…
Incoming Nine chief executive Mike Sneesby confirmed on Sunday night the incident was a cyberattack. Nine’s director of people and culture Vanessa Morley said the company may be unable to fully restore systems for some time and instructed staff to work from home indefinitely. The origin and motive of the attack is unclear, but no…
Facebook regularly discloses methodologies that it is utilizing to secure its platform from cyberattacks and other malicious activities. Now, the company has announced that its security teams have disabled operations against Uyghur activists. These were being carried out by a group in China known as “Evil Eye” or “Earth Empusa”. Image via Wikimedia According to…
Black Kingdom Ransomware Hunting Unpatched Microsoft Exchange Servers | IT Security News 25. March 2021 More than a week after Microsoft released a one-click mitigation tool to mitigate cyberattacks targeting on-premises Exchange servers, the company disclosed that patches have been applied to 92% of all internet-facing servers affected by the ProxyLogon vulnerabilities.The development, a 43% improvement from the previous…
