Security News > 2020 > September

An unspecified US government agency was hacked by a miscreant who appears to have made off with archives of information. This is according to Uncle Sam's Cybersecurity and Infrastructure Security Agency, which on Thursday went into technical detail on how an intruder broke into staffers' Office 365 accounts, gained access to the agency's internal network via its VPN, and installed malware and exfiltrated data.

Password manager 1Password and virtual card platform Privacy.com announced an API integration that lets users create virtual cards in their browser quickly and safely when they need to make a payment. Starting today, users can create, use and save Privacy Cards directly within their 1Password extension whenever they're needed.

A Maryland man was sentenced to 12 months and one day in prison for hacking into and damaging the computers of his former employer. Employed at the company's Washington office, Stafford provided IT technical support to the organization's Washington, McLean, Virginia, and Baltimore offices.

The founder and CEO of the Internet security company NS8 has been arrested and "charged in a Complaint in Manhattan federal court with securities fraud, fraud in the offer and sale of securities, and wire fraud." I admit that I've never even heard of the company before.

A threat actor was able to compromise the network of a federal agency and create a reverse proxy and install malware, the Cybersecurity and Infrastructure Security Agency reported on Thursday. Following initial access, the threat actor started gathering information of interest from email accounts, enumerated the Active Directory and Group Policy key, modified a registry key for the Group Policy, and enumerated compromised systems.

Tyler Technologies, a major provider of software and services for state and local governments in the United States, has confirmed that the recently disclosed cybersecurity incident involved ransomware. In an update posted on its website on Thursday, Tyler confirmed that the attack involved ransomware, but it did not name the malware that was used and it did not provide other information on its response to the incident, citing an ongoing investigation.

A Russian citizen accused of offering a Tesla employee $1 million to enable a ransomware attack at the electric car company's plant in Nevada denied wrongdoing Thursday before a federal magistrate judge. Kriuchkov, 26, also told U.S. Magistrate Judge Carla Baldwin that he knew the Russian government was aware of his case.

Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. According to the human rights organization Amnesty International, the newly discovered campaign is not linked to 'NilePhish,' a hacking group known for attacking Egyptian NGOs in a series of attacks, involving an older version of FinSpy, phishing technique, and malicious Flash Player downloads.

When attackers first gain access to the network, they will use a variety of techniques to escalate their privileges in order to gain higher-level permissions and begin lateral movement. Privilege escalation is the most critical link in the attack chain as it allows an attacker to accomplish several steps, including gaining network persistence, building in additional backdoors and, ultimately, accessing critical assets.

Microsoft Defender Application Guard brings hypervisor-based isolation to Microsoft Edge and Microsoft Office applications. While Application Guard works well with Edge and Office, it doesn't support other applications.