March 19, 2021 by Joseph Fitsanakis FINLAND’S INTELLIGENCE AGENCY HAS identified a hacker group with ties to the Chinese state as the culprit of an attack of “exceptional” magnitude and intensity that targeted the Finnish Parliament last year. The attack was reported in December 2020, but had been going on for several weeks prior to…
A malicious Xcode project known as XcodeSpy is targeting iOS devs in a supply-chain attack to install a macOS backdoor on the developer’s computer. Xcode is a free application development environment created by Apple that allows developers to create applications that run on macOS, iOS, tvOS, and watchOS. Like other development environments, it is common…
The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users’ login information for a variety of online services, ESET malware researcher Lukas Stefanko has found. Disguised as the (as yet…
Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. Acer is a Taiwanese electronics and computer maker well-known for laptops, desktops, and monitors. Acer employs approximately 7,000 employees and earned $7.8 billion in 2019. Yesterday, the ransomware gang announced on their…
PC and Device Maker Appears to Have Been Targeted by REvil Scott Ferguson (Ferguson_Writes) • March 21, 2021 (Source: Sergi via Flickr) Acer, one of the world’s largest PC and device makers, has reportedly been targeted by the ransomware gang REvil, aka Sobinokibi, according to multiple published reports. See Also: Live Webinar |…
Attackers are exploiting a recently-patched, critical vulnerability in F5 devices that have not yet been updated. The unauthenticated remote command execution flaw (CVE-2021-22986) exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full control over a vulnerable system.
The ill-tempered talks in Anchorage involved Secretary of State Antony Blinken and national security adviser Jake Sullivan on the US side, facing off with China’s most senior foreign policy official, Yang Jiechi, and foreign minister Wang Yi. In a blunt opening statement, Mr Blinken said the US….
XcodeSpy is latest example of growing attacks on software supply chain. Researchers from SentinelOne have discovered new malware targeting developers of macOS apps in the latest sign of growing attacker interest in the software supply chain. The malware, XcodeSpy, is disguised as a legitimate Xcode open source project called TabBarInteraction that provides macOS developers with…
“Microsoft has implemented an automatic mitigation tool within Defender Antivirus to tackle critical vulnerabilities in Exchange Server,” reports ZDNet: On March 18, the Redmond giant said the software will automatically mitigate CVE-2021-26855, a severe vulnerability that is being actively exploited in the wild. This vulnerability is one of four that can be used in a…
Microsoft Defender Antivirus Now Protects Users Against Ongoing Exchange Attacks | IT Security News 19. March 2021 Microsoft informed customers on Thursday that Defender Antivirus and System Center Endpoint Protection now provide automatic protection against attacks exploiting the recently disclosed Exchange Server vulnerabilities. read more Like this: Like Loading… Related Tags: SecurityWeek RSS Feed Sponsors…
