Chinese Attack Tool Gains Gmail Access

Campaign Targets Tibetan Organizations
By Prajeet Nair (@prajeetspeaks), February 26, 2021
Image caption: Friarfox malicious browser extension was spotted targeting Tibetan organizations. (Source: Proofpoint)

Proofpoint reports that Chinese state-sponsored hackers are using a new customized malicious Mozilla Firefox browser extension that facilitates access and…

Biochemical systems at Oxford University laboratory researching Covid are hacked

Hackers break into biochemical systems at Oxford University laboratory that is researching Covid
Oxford confirmed breach of its Division of Structural Biology, known as Strubi
Clinical studies have not been compromised and the hack has been contained
GCHQ's National Cyber Security Centre has been alerted and will assist in probe
By Jack Elsom for Mailonline…

Attackers scan for vulnerable VMware servers after PoC exploit release

After security researchers developed and published proof-of-concept (PoC) exploit code targeting a critical vCenter remote code execution (RCE) vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. The scanning activity was spotted by threat intelligence company Bad Packets just one day after VMware patched the critical vulnerability. Thousands of unpatched vCenter servers are…

NSA Issues Guidance on Zero Trust Implementation

Critical Networks Within National Security Systems Should Implement Zero Trust
By Akshaya Asokan (@asokan_akshaya), February 27, 2021
Image caption: NSA: Consider Zero Trust models for all National Security Systems' critical networks. (Source: NSA)

The US National Security Agency has issued its zero trust guidance aimed at…

Five nations issue global alert on vulnerabilities in Accellion FTA application

Cybersecurity agencies across five countries have issued a global alert to organizations using the Accellion FTA file transfer application after a number of organizations in the past six weeks admitted to being hacked through vulnerabilities in the software. Organizations should temporarily isolate or block internet access to and from systems hosting Accellion FTA, says the…

Lazarus Hits Defense Firms with ThreatNeedle Malware

Kaspersky Ties Latest Hacking Campaign and Backdoor to Lazarus Group
By Doug Olenick (@DougOlenick), February 25, 2021

Lazarus, the North Korean-backed advanced persistent threat group, has been conducting a campaign striking defense industry targets in more than a dozen countries using a…

North Korean hackers target defense industry with custom malware

A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020, with the end goal of collecting highly sensitive information. This espionage campaign affected organizations in more than a dozen countries and was coordinated by DPRK-backed state hackers tracked as Lazarus Group. The attackers used COVID-19-themed spear-phishing…

6,000 VMware vCenter Devices Vulnerable to Remote Attacks

Flaw Allows Unauthorized Users to Send Specially Crafted Requests
By Prajeet Nair (@prajeetspeaks), February 25, 2021

Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware…