News

Blender’s Official Website Under Maintenance Following Hacking Attempt | IT Security News Sponsors Endpoint Cybersecurity www.endpoint-cybersecurity.com – Consulting in building your security products– Employee awareness training– Security tests for applications and pentesting… and more. Daily Summary Patreon Categories CategoriesSelect Category(ISC)2 Blog  (323)(ISC)2 Blog infosec  (13)(ISC)² Blog  (325)2020-12-08 – Files for an ISC diary (recent Qakbot activity)  (1)2020-12-11 – Quick…

Breach Notification , Cyberwarfare / Nation-State Attacks , Email Security & Protection Microsoft Investigating; Devcore Pen Testers Say They’re in the Clear Jeremy Kirk (jeremy_kirk) • March 14, 2021     It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days…

A UK college says it has closed its campus buildings for one week, and advised students that all lessons and lectures will be taking place online, following a ransomware attack. South & City College in Birmingham, which has over 20,000 students aged 14 and over, says that it suffered a “major ransomware attack” that has…

The Russian, Chinese and Cuban Embassies in Washington did not immediately return messages seeking comment. The Iranian mission to the United Nations and the Venezuelan Ministry of Information also did not immediately respond to requests for comment. Moscow, Beijing and Tehran routinely deny allegations of cyberespionage and subterfuge. The new report said Putin knew of…

Operation Dianxun Overview In a recent report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team disclosed an espionage campaign, targeting telecommunication companies, named Operation Diànxùn. The tactics, techniques and procedures (TTPs) used in the attack are like those observed in earlier campaigns publicly attributed to the threat actors RedDelta and Mustang Panda. Most probably…

3rd Party Risk Management , Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks But Attempts to Manipulate Votes, Change Outcome Were Unsuccessful Scott Ferguson (Ferguson_Writes) • March 16, 2021     A pair of U.S. intelligence agency reports released Tuesday conclude that Russia and Iran tried to interfere in the 2020 presidential election, but attempts…

Russian President Vladimir Putin likely authorised attempts to influence last year’s US election in favour of former President Donald Trump, intelligence officials say. Russia has repeatedly denied allegations of election interference. The 15-page report, released on Tuesday by the Office of the….

Cybersecurity firms are usually using headless devices or virtual machines to determine if a website is used for phishing. In order to bypass detection, a phishing kit will make use of JavaScript to check whether a browser is running under a virtual machine or without an attached monitor, if the kit discovers any signs of…

In this report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies, dubbed Operation Diànxùn. In this attack, we discovered malware using similar tactics, techniques and procedures (TTPs) to those observed in earlier campaigns publicly attributed to the threat actors RedDelta and Mustang Panda. While the initial vector…

Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management One-Click Mitigation Tool Provides Quick Fix for ProxyLogon Exchange Flaw Akshaya Asokan (asokan_akshaya) • March 16, 2021     Microsoft has released an interim mitigation tool designed to help smaller organizations take quick action to prevent attacks that exploit the unpatched ProxyLogon…