Live Webinar | Considerations for Building Your Cybersecurity Strategy in 2021 and BeyondWebinar.
Thank you for registering with ISMG
Complete your profile and stay up to date
Similar Posts
Researchers Attribute SITA Cyberattack to Chinese Hackers
The cyberattack on SITA that impacted multiple airlines around the world was orchestrated by a Chinese nation-state threat actor tracked as APT41, security researchers at detection and prevention firm Group-IB say. Codenamed ColunmTK and disclosed in early March 2021, the attack affected airlines such as Air India, Air New Zealand, Finland’s Finnair, Singapore Airlines, Malaysia…
GitHub Infrastructure Used to Mine Cryptocurrency
Software developers have reported a series of malicious activities on their repositories, having the end purpose of mining cryptocurrency. The attacks have been happening since November 2020, the first report being made by a French software engineer. Source It looks like the threat actors are abusing the GitHub Actions feature that was implemented with the purpose of allowing…
India Moves Toward Limiting What Telecom Tech Can Be Used
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management As ‘Trusted Telecom Portal’ Launched, Chinese Vendors May Be Excluded From Market Prajeet Nair (@prajeetspeaks) • June 17, 2021 In a key move toward ensuring telecom companies only use technologies from trustworthy sources, the government of India has launched…
Microsoft Exchange ProxyToken bug can let hackers steal user email
Technical details have emerged on a serious vulnerability in Microsoft Exchange Server dubbed ProxyToken that does not require authentication to access emails from a target account. An attacker can exploit the vulnerability by crafting a request to web services within the Exchange Control Panel (ECP) application and steal messages from a victim’s inbox. Delegation confusion…
A new Android spyware masquerades as a ‘system update’ – TechCrunch
Security researchers say a powerful new Android malware masquerading as a critical system update can take complete control of a victim’s device and steal their data. The malware was found bundled in an app called “System Update” that had to be installed outside of Google Play, the app store for Android devices. Once installed by…
Kansas Man Faces Federal Charges Over Water Treatment Hack
Critical Infrastructure Security , Cybercrime , Fraud Management & Cybercrime DOJ: Wyatt Travnichek Allegedly Accessed Cleaning and Disinfecting System Prajeet Nair (@prajeetspeaks) • April 2, 2021 This is the website of the Ellsworth County Rural Water District in Kansas. The facility was targeted in an attack in 2019, according to the Justice Department….