You applied the patch that could stop possible RCE attacks last week, right? A critical security hole in Apache Struts 2 – patched last week – is currently being exploited using publicly available proof-of-concept (PoC) code.... [...]
But can you really take crims at their word? Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-linked gang Cl0p has claimed are its evil work.... [...]
IOCONTROL targets IoT and OT devices from a ton of makers, apparently An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers.... [...]
Sen. Wyden blasts FCC's 'failure' amid Salt Typhoon hacks US telecoms carriers would be required to implement minimum cyber security standards and ensure their systems are not susceptible to hacks by nation-state attackers – like Salt Typhoon – under legislation proposed by senator Ron Wyden (D-OR).... [...]
No word yet on who was snooped on. Any bets? Chinese cyberspies recorded "very senior" US political figures' calls, according to White House security boss Anne Neuberger.... [...]
ShinyHunters-linked heist thought to have been ongoing since March Exclusive A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets remains "ongoing to this day," according to security researchers.... [...]
Outsmart an AI, win a little Christmas cash Microsoft and friends have challenged AI hackers to break a simulated LLM-integrated email client with a prompt injection attack – and the winning teams will share a $10,000 prize pool.... [...]
'It's a double-edged sword,' security researchers tell The Reg Feature Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem …
Still unpatched 100+ days later, watchTowr says updated A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable instances.... [...]
Redmond threat intel maven talks explains this persistent pain to The Reg A Chinese government-linked group that Microsoft tracks as Storm-2077 has been actively targeting critical organizations and US government agencies as of yesterday, according to Redmond's threat intel team.... [...]
Security chief talks to El Reg as Feds urge everyone to use encrypted chat interview While Chinese-government-backed spies maintained access to US telecommunications providers' networks for months – and in some cases still haven't been booted out – T-Mobile US thwarted successful attacks on its systems "within a single-digit number of …
ENGlobal customers include the Pentagon as well as major oil and gas producers American energy contractor ENGlobal disclosed that access to its IT systems remains limited following a ransomware infection in late November.... [...]
Yet another result of the MOVEit mess Hundreds of thousands of employees from major corporations including Xerox, Nokia, Koch, Bank of America, Morgan Stanley and others appear to be the latest victims in a massive data breach linked to last year's attacks on file transfer tool MOVEit.... [...]
Tap into the infinite scalability... of pricing Re:Invent Amazon Web Services has a new incident response service that combines automation and people to protect customers' AWS accounts - at a hefty price.... [...]
Scumbags play on victims' worst fears in phishing campaign referencing UK Employment Tribunal A current phishing campaign scares recipients into believing they've been sacked, when in reality they've been hacked – and infected with infostealers and other malware that means a payday for the crooks behind the scam.... [...]
Plus, a brand-new backdoor, GhostSpider, is linked to the cyber spy crew's operations The reach of the China-linked Salt Typhoon gang extends beyond telecommunications giants in the United States, and its arsenal includes several backdoors – including a brand-new malware dubbed GhostSpider – according to Trend Micro researchers.... [...]
Funny what putting more effort and resources into IT security can do Attackers - possibly China's Salt Typhoon cyber-espionage crew - compromised an unnamed wireline provider's network and used this access to try to break into T-Mobile US systems multiple times over the past few weeks, according to its Chief Security …
Researcher spotted open database before criminals... we hope Exclusive More than 600,000 sensitive files containing thousands of people's criminal histories, background checks, vehicle and property records were exposed to the internet in a non-password protected database belonging to data brokerage SL Data Services, according to a security researcher …
In case anyone forgot about Change Healthcare American hospitals and healthcare organizations would be required to adopt multi-factor authentication (MFA) and other minimum cybersecurity standards under new legislation proposed by a bipartisan group of US senators.... [...]
Meanwhile, CISA chief Jen Easterly will step down prior to inauguration Analysis President-elect Donald Trump has announced several unorthodox nominations for his cabinet over the last two weeks, including South Dakota Governor Kristi Noem, whom he tapped to serve as Homeland Security Secretary.... [...]
PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more Updated Thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bugs. The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well as cryptocurrency miners and other malware.... [...]
TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated The US Cybersecurity and Infrastructure Agency often breaks into critical organizations' networks – with their permission, of course – to simulate real-world cyber attacks and thereby help improve their security. In one of those recent …
Meet Liminal Panda, which prowls telecom networks in South Asia and Africa A senior US senator has warned that American tech companies’ activities in China represent a national security risk, in a hearing that saw infosec biz CrowdStrike testify it has identified another cyber-espionage crew it believes is backed …
Ransomware scum LockBit claims it did the dirty deed Equinox, a New York State health and human services organization, has begun notifying over 21 thousand clients and staff that cyber criminals stole their health, financial, and personal information in a "data security incident" nearly seven months ago.... [...]
No word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet's Windows VPN client to steal credentials and other information, according to memory forensics outfit Volexity.... [...]