Security News > 2020 > May

Earlier this month, when F-Secure publicly revealed the existence of two vulnerabilities affecting SaltStack Salt and attackers started actively exploiting them, Cisco was among the victims. The revelation was made on Thursday, when Cisco published an advisory saying that, on May 7, 2020, they've discovered the compromise of six of their salt-master servers, which are part of the Cisco VIRL-PE service infrastructure.

Germany said Thursday it is seeking EU sanctions against a Russian man over his alleged role in the hacking of the German parliament at a time when evidence shows he was working for Russian intelligence. Germany's Foreign Ministry said it called in Russian ambassador Sergei Nechayev to inform him in person of the move.

Minted, an online marketplace of crowdsourced art and graphic designs, this week confirmed that it was the victim of a data breach earlier this month. Information on a security incident affecting Minted became public several weeks ago, when a hacking group referred to as Shiny Hunters started advertising user records stolen in multiple fresh data breaches, including information exfiltrated from Minted.

Facebook today announced new features for Messenger that will alert you when messages appear to come from financial scammers or potential child abusers, displaying warnings in the Messenger app that provide tips and suggest you block the offenders. The feature, which Facebook started rolling out on Android in March and is now bringing to iOS, uses machine learning analysis of communications across Facebook Messenger's billion-plus users to identify shady behaviors.

Empire Market is one of the most popular places to buy illegal goods on the dark web, transacting a little over $1,000,000 a week. Empire Market has over 52 thousand listings across 11 categories, but the Drugs & Chemicals category dwarfs the others by an order of magnitude.

Now, Cisco reveals that salt-master servers that are used with Cisco Virtual Internet Routing Lab Personal Edition were upgraded on May 7, and that, on the same day, they were found to have been compromised through the aforementioned vulnerabilities. "Cisco identified that the Cisco maintained salt-master servers that are servicing Cisco VIRL-PE releases 1.2 and 1.3 were compromised. The servers were remediated on May 7, 2020," the company announced in an advisory.

Over the first quarter of 2020, the number of security bugs disclosed by software makers fell 20 per cent though not for any of the right reasons, it seems. Analysts at Risk Based Security cited both internal data and public reports from vendors in putting the number of security vulnerabilities reported over the first three months of the year at 4,968, down from 6,198 over the same period in 2019.

Over the first quarter of 2020, the number of security bugs disclosed by software makers fell 20 per cent though not for any of the right reasons, it seems. Analysts at Risk Based Security cited both internal data and public reports from vendors in putting the number of security vulnerabilities reported over the first three months of the year at 4,968, down from 6,198 over the same period in 2019.

The Russian APT group Sandworm has been exploiting a critical Exim flaw to compromise mail servers since August 2019, the NSA has warned in a security advisory published on Thursday. Attackers started exploiting it to compromise Linux servers and instal cryptocoin miners on them, and Microsoft warned about a Linux worm leveraging the flaw to target Azure virtual machines running affected versions of Exim.

Windows 10 release 2004 is out, with a slew of new features. In Windows 10 1903, it launched the Windows Sandbox, which is a lightweight desktop environment that isolates anything you run in it and wipes all its files when you close it down.