Security News > 2020 > May

Japan-based systems integrator NTT Communications has disclosed a recent data breach that it said impacted hundreds of customers. NTT Communications did not clarify what kind of data may have been accessed, nor did it mention how attackers were able to move laterally on the network.

The Russia-linked APT group Sandworm has been spotted exploiting a vulnerability in the internet's top email server software, according to the National Security Agency. Exim is the default MTA included on some Linux distros like Debian and Red Hat, and Exim-based mail servers account for almost 57 percent of the internet's email servers, according to a survey last year.

The United States Department of Justice this week announced that a New York City man was charged for his participation in a cybercrime scheme involving the theft and trafficking of payment card data. The man, Vitalii Antonenko, 28, who was arrested in March 2019, was indicted for conspiring to gain unauthorized access to computer networks and traffic in unauthorized access devices, and for money laundering.

The U.S. National Security Agency on Thursday published information on the targeting of Exim mail servers by the Russia-linked threat actor known as Sandworm Team. The open-source Exim mail transfer agent is used broadly worldwide, powering more than half of the Internet's email servers and also being pre-installed in some Linux distributions.

The facial recognition company that everyone - or at least a large chunk of everyone - loves to hate, Clearview AI, is to get yet another day, and perhaps very much longer than that, in a Chicago courtroom. Clearview AI is a new research tool used by law enforcement agencies to identify perpetrators and victims of crimes.

One group that's been exploited in many of these campaigns is the World Health Organization, a tempting target as it's been trying to manage and direct some of the global efforts toward combatting COVID-19. Spoofing the WHO, a new phishing campaign spotted by security provider Abnormal Security is trying to capture the email credentials of unsuspecting users.

GitHub revealed on Thursday that tens of open source NetBeans projects hosted on its platform were targeted by a piece of malware as part of what appears to be a supply chain attack. GitHub learned about the malware, which has been named Octopus Scanner, on March 9 from a security researcher who noticed that several repositories hosted on GitHub had been serving malware, likely without their owners' knowledge.

Cisco on Thursday said that it plans to acquire privately held network intelligence firm ThousandEyes, as the networking giant looks to boost network visibility and intelligence across its enterprise networking, cloud and application services portfolios. Headquartered in San Francisco and founded in 2010, ThousandEyes provides an internet intelligence platform that delivers deep visibility and insights into application and services delivery over the Internet.

"Hack-for-hire" organizations are the latest group of cybercriminals to take advantage of the ongoing coronavirus pandemic, using COVID-19 as a lure in phishing emails bent on stealing victims' Google credentials. Researchers with Google's Threat Analysis Group warned that they've spotted a spike in activity from several India-based firms that have been creating Gmail accounts that spoof the World Health Organization to send coronavirus-themed phishing emails.

The U.S. citizens'-rights watchdog organization has filed suit in the Circuit Court of Cook County in Illinois against Clearview AI, on behalf of a number of organizations comprised of vulnerable communities (such as survivors of sexual assault or domestic violence and undocumented immigrants), for violating the Illinois Biometric Information Privacy Act. Clearview has been collecting what are called "Faceprints," or unique biometric identifiers similar to someone's fingerprint or DNA profile, and then selling them to "Private companies, police, federal agencies and wealthy individuals, allowing them to secretly track and target whomever they wished using face recognition technology," ACLU Staff Attorney Nathan Freed Wessler wrote in a blog post published Thursday.