
The Daily Ledger 04/15/2021 Edition:

Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes

By Tom Spring on Apr 14, 2021 08:46 am

Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack.

FBI hacks into hundreds of infected US servers (and disinfects them)

By Paul Ducklin on Apr 14, 2021 08:38 am

Hacking for good! A judge said I could!

With court order, FBI removes hundreds of Exchange Server web shells from US organizations

By Sean Lyngaas on Apr 13, 2021 08:34 pm

The FBI has used a court order to remove malicious code from hundreds of U.S. computers running the Microsoft Exchange Server email program, Justice Department officials announced Tuesday. The court-ordered removal of the web shells, or scripts used by hackers for persistent access, is one of the most aggressive actions taken yet by U.S. government officials or corporate executives to combat the Exchange Server vulnerabilities since Microsoft announced on March 2 that suspected Chinese spies were exploiting them. The alleged Chinese hackers used the flaws to steal emails from targeted organizations, according to private-sector analysts, but an array of scammers have since exploited the bugs for their own purposes. In the days after Microsoft revealed the vulnerabilities, incident responders estimated that tens of thousands of U.S. organizations running Exchange Server could be exposed to potential hacking. Many of those organizations have removed the web shells, but Justice Department officials said […]

The post With court order, FBI removes hundreds of Exchange Server web shells from US organizations appeared first on CyberScoop.



DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack

By Jai Vijayan Contributing Writer on Apr 13, 2021 06:15 pm

Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products.

NSA Alerted Microsoft to New Exchange Server Vulnerabilities

By Kelly Sheridan Staff Editor, Dark Reading on Apr 13, 2021 05:39 pm

Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day.

Compromised Microsoft Exchange Server Used to Host Cryptominer

By Dark Reading Staff on Apr 13, 2021 05:35 pm

Researchers say an unknown attacker is targeting vulnerable Exchange Servers with a payload hosted on a compromised Exchange Server.

Hundreds of electric utilities downloaded SolarWinds backdoor, regulator says

By Sean Lyngaas on Apr 13, 2021 05:34 pm

About a quarter of roughly 1,500 electric utilities sharing data with the North American power grid regulator said they installed the malicious SolarWinds software used by suspected Russian hackers, the regulator said on Tuesday. The electric utilities did not report any significant follow-on activity from the hackers, but the broad exposure of the sector points to the challenges of protecting utilities from supply-chain breaches. A minority of the electric-sector organizations that downloaded the malicious code used the affected SolarWinds software in their “operational technology” networks, a broad term for more sensitive software and hardware used to manage industrial operations, according to the North American Electric Reliability Corp. NERC is a not-for-profit regulatory authority backed by the U.S. and Canadian governments. But Manny Cancel, a senior vice president at NERC, said clear communication on the espionage campaign from the U.S. government helped the sector to reduce its exposure to any […]

The post Hundreds of electric utilities downloaded SolarWinds backdoor, regulator says appeared first on CyberScoop.



How the NAME:WRECK Bugs Impact Consumers, Businesses

By Tom Spring on Apr 13, 2021 05:03 pm

How this class of vulnerabilities will impact millions of connected devices and potentially wreck the day of IT security professionals.

Global Dwell Time Drops as Ransomware Attacks Accelerate

By Kelly Sheridan Staff Editor, Dark Reading on Apr 13, 2021 04:50 pm

The length of time attackers remain undiscovered in a target network has fallen to 24 days, researchers report, but ransomware plays a role.

COVID-Related Threats, PowerShell Attacks Lead Malware Surge

By Becky Bracken on Apr 13, 2021 04:24 pm

Researchers measured 648 new malware threats every minute during Q4 2020.  

Cloud Security Alliance Shares Security Guidance for Crypto-Assets Exchange

By Anonymous on Apr 13, 2021 04:05 pm

The Cloud Security Alliance (CSA) has released new Crypto-Asset Exchange Security Guidelines, a set of guidelines and best practices for crypto-asset exchange (CaE) security.

Dark Reading to Upgrade Site Design, Performance

By Tim Wilson, Editor in Chief, Dark Reading on Apr 13, 2021 04:00 pm

Improvements will make site content easier to navigate, faster, and more functional.

U.S. intelligence community details destructive cyber capabilities, growing influence threats

By Shannon Vavra on Apr 13, 2021 03:04 pm

The intelligence community made its most direct public attribution yet that Russia was behind weaving malicious code into a SolarWinds software update to facilitate a sweeping espionage operation, impacting hundreds of companies and U.S. federal agencies. The intelligence community said Russia was behind the software supply chain hack in the intelligence community’s Annual Threat Assessment, which the Office of the Director of National Intelligence released Tuesday. “A Russian software supply chain operation against a US-based IT firm exposed approximately 18,000 customers worldwide, including enterprise networks across US Federal, state, and local governments,” the assessment notes, without naming SolarWinds. The intelligence community under the Trump administration had only previously stated that the operation was “likely” Russian in origin. The publication of the threat assessment coincides with President Joe Biden’s call with Russian President Vladimir Putin Tuesday, during which Biden “made clear that the United States will act firmly in defense of […]

The post U.S. intelligence community details destructive cyber capabilities, growing influence threats appeared first on CyberScoop.



Tax Phish Swims Past Google Workspace Email Security

By Tara Seals on Apr 13, 2021 02:29 pm

Crooks are looking to harvest email credentials with a savvy campaign that uses the Typeform service to host the phishing page.

NSA says it found new critical vulnerabilities in Microsoft Exchange Server

By Sean Lyngaas on Apr 13, 2021 01:58 pm

The National Security Agency on Tuesday said it alerted Microsoft to a fresh batch of critical vulnerabilities that hackers could exploit to remotely compromise the Exchange Server email software program. Microsoft said that it hadn’t seen any hacks using the vulnerabilities on its customers, but the news comes at a time of heightened concern over bugs in Exchange Server. Microsoft on March 2 revealed that suspected Chinese spies had exploited another set of flaws in Exchange Server to siphon off emails from targeted U.S. organizations. A bevy of opportunistic cybercriminals proceeded to exploit those vulnerabilities, to which tens of thousands of U.S. businesses and state and local organizations were reportedly exposed. The latest software bugs that the NSA discovered are in the 2013, 2016 and 2019 versions of Exchange Server. Microsoft said that the vulnerabilities, if exploited, could allow an attacker to execute code remotely on a target computer. Like […]

The post NSA says it found new critical vulnerabilities in Microsoft Exchange Server appeared first on CyberScoop.



5 Objectives for Establishing an API-First Security Strategy

By Ryan Nolette Technical Security Lead at Postman on Apr 13, 2021 01:00 pm

With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever.

IoT bug report claims “at least 100M devices” may be impacted

By Paul Ducklin on Apr 13, 2021 12:57 pm

The programmers among us are learning... but not always quickly enough, it seems. Here's some food for coding thought...

Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop

By Tara Seals on Apr 13, 2021 12:40 pm

The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines.

Banking organizations dub proposed US cyber notification regulation 'burdensome'

By Tim Starks on Apr 13, 2021 10:34 am

Banking groups have objected to elements of a proposed U.S. cyber incident notification rule, saying that its threshold for mandatory disclosure of such events to regulators is overly broad and would lead to over-reporting of incidents. Under the proposed regulation from the Treasury Department and other regulators, banks would have to notify their regulators within 36 hours of certain kinds of attacks, and bank service providers would have to notify their customers of particularly damaging incidents as well. “While we support the policy goals of the proposed rule, we believe that, as currently drafted, the proposed rule calls for notification of incidents well below the intended threshold of critical cybersecurity incidents,” wrote the American Bankers Association, Bank Policy Institute, Institute of International Bankers, and the Securities Industry and Financial Markets Association. “As a result, the proposed rule would lead to significant and burdensome over-reporting to the Agencies, contrary to its […]

The post Banking organizations dub proposed US cyber notification regulation 'burdensome' appeared first on CyberScoop.



Clear & Present Danger: Data Hoarding Undermines Better Security

By Elissa M. Redmiles Researcher, Max Planck Institute for Software Systems on Apr 13, 2021 10:00 am

Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.

Chrome Zero-Day Exploit Posted on Twitter

By Elizabeth Montalbano on Apr 13, 2021 09:40 am

An update to Google’s browser that fixes the flaw is expected to be released on Tuesday.

Recent Articles:

Biden Nominates Former NSA Officials for Top Cybersecurity Roles
1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free
Microsoft Warns of Malware Delivery via Google URLs
Man Arrested for AWS Bomb Plot
Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy
Copyright © 2021 Box Jump LLC/The Security ledger, All rights reserved.

