Security News > 2020 > June

Campaign staffs for both President Donald Trump and Democratic rival Joe Biden have been targeted recently by foreign hackers, Google researchers said Thursday, highlighting persistent data security concerns ahead of the November US election. A tweet from Google's threat analysis chief Shane Huntley said the internet giant warned the Biden campaign about "phishing" efforts from China and the Trump campaign from Iran.

With the U.S. presidential election months away, advanced persistent threat groups are targeting the campaign staffers of both Donald Trump and Joe Biden in recent phishing attacks. A China-linked APT group targeted Biden's campaign staff, while an Iran-linked APT targeted Trump's.

A recently discovered multi-platform Java ransomware uses a Java image file to evade detection, BlackBerry security researchers report. After establishing a foothold in the environment, the attackers executed the Java ransomware module, which encrypted all file servers connected to the network, including backup systems.

Over a period of just a few days in late May, malicious actors attempted to steal database credentials from millions of WordPress websites by exploiting known vulnerabilities in themes and plugins. According to WordPress security company Defiant, its firewall blocked more than 130 million attempts to collect database credentials from 1.3 million sites between May 29 and May 31.

A hapless IT bod found the Have I Been Pwned service answering its own question in a way he really didn't want - after a breach report including a SQL string KO'd his company's helpdesk ticket system. A pseudonymous blogger posting under the name Matt published a tortured account of what happened when a breach notification email from HIBP was ingested into his firm's helpdesk ticket system and was automatically assigned a ticket ID. The company used version 9.4.5 of the GLPi open source helpdesk system, a rather old product but quite functional.

In many or most recent data breaches where authentication data gets stolen, the crooks don't end up with your actual password along with your login name. Passwords usually are - or certainly should be! - stored in a hashed form, where the hash can be used to verify that a supplied password is correct, but can't be wrangled backwards to reveal what the password was.

To boot, the payload-less nature of these BEC attacks evades detection from traditional email security solutions. Unsurprisingly, over the past few weeks the Abnormal Security Research Team has observed that the majority of email attacks have a COVID-19 related element.

Security experts are up in arms after learning that video conferencing app Zoom will only offer end-to-end encryption to paid users. On Zoom's first-quarter earnings call on Wednesday, Zoom CEO Eric Yuan said that the upcoming end-to-end encryption feature would not be available to free users.

A U.S. military contractor involved in the maintenance of the country's Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports - with the hackers making off with reams of sensitive information. The cyberattackers first compromised the contractor's internal network, the company confirmed to Sky News, before encrypting files and exfiltrating data.

Drone detection company Dedrone has partnered with BlackBerry to build an instant notification system for unauthorized drone activity in sensitive airspace. AtHoc is designed to be integrated into other platforms through its APIs and SDK, which BlackBerry said Dedrone has done to create "automated, highly targeted alerts based on a range of criteria, including flight zones, drone behavior, and user groups for a more efficient, focused response to the presence of an unauthorized drone."