By Raphael Satter, Christopher Bing WASHINGTON (Reuters) – A China-linked cyber-espionage group has been remotely plundering email inboxes using freshly discovered flaws in Microsoft mail server software, the company and outside researchers said on Tuesday – an example of how commonly used programs can be exploited to cast a wide net online. In a blog…
A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. Unknown threat actors hacked the Verified forum in January, Crdclub in February, and Exploit and Maza in March,…
The National Security Agency (NSA) and Cybersecurity and Infrastructure Agency (CISA) released a joint information sheet Thursday that offers guidance on the benefits of using a Protective Domain Name System (PDNS). A PDNS service uses existing DNS protocols and architecture to analyze DNS queries and mitigate threats. It leverages various open source, commercial, and governmental…
At least 30,0000 organizations across the US have been hacked over the last few days through flaws in Microsoft’s Exchange server email software, sources familiar with the matter told KrebsOnSecurity. The “unusually aggressive Chinese cyber espionage unit” that Microsoft calls “Hafnium” is focusing on stealing emails from a range of victims, including companies, small businesses,…
Breach Notification , Cybercrime , Fraud Management & Cybercrime Security Firm Confirms Breach After Clop Ransomware Gang Posts Stolen Customer Data Mathew J. Schwartz (euroinfosec) • March 4, 2021 Leaked Qualys customer information (Source: Clop leaks site) Cybersecurity firm Qualys has confirmed that its systems were breached by attackers who hacked its Accellion…
One of the oldest cybercrime forums Maza (aka Maza Faka) has been reportedly hacked this week, with its user information dumped online. Maza is an exclusive carding and fraud discussion forum for Russian-speaking cybercriminals, which has been around for more than a decade. According to Intel 471, the incident took place on March 3, 2021,…
FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a “sophisticated second-stage backdoor,” as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat actor’s tactics and techniques. Dubbed GoldMax (aka SUNSHUTTLE), GoldFinder, and Sibot, the new set of…
Cybercrime , Endpoint Security , Fraud Management & Cybercrime Companies Report Several of Their Products Are Vulnerable Doug Olenick (DougOlenick) • March 6, 2021 Supermicro and Pulse Secure have each issued advisories this past week warning users that some of their products are vulnerable to the updated version of Trickbot malware that features…
Microsoft says Chinese hackers from the Hafnium group waged “limited and targeted attacks,” in which its Exchange Email servers were breached to steal data using 0-day flaws. In its recent blog post, Microsoft has identified that a group of sophisticated Chinese hackers targeted its popular email service called Microsoft Exchange. According…
At least 30,000 US organizations including local governments have been hacked in recent days by an “unusually aggressive” Chinese cyber-espionage campaign, according to a computer security specialist. The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing email and infecting computer servers with tools that let attackers take control remotely, Brian Krebs said…
