Security News > 2020 > December
Cybersecurity researchers today disclosed a new supply-chain attack targeting the Vietnam Government Certification Authority that compromised the agency's digital signature toolkit to install a backdoor on victim systems. Uncovered by Slovak internet security company ESET early this month, the "SignSight" attack involved modifying software installers hosted on the CA's website to insert a spyware tool called PhantomNet or Smanager.
Among those who use SolarWinds software are the Centers for Disease Control and Prevention, the State Department, the Justice Department, parts of the Pentagon and a number of utility companies. CISA has directed everyone to remove SolarWinds from their networks.
Microsoft has confirmed that they were hacked in the recent SolarWinds attacks but denied that their software was compromised in a supply-chain attack to infect customers. Tonight, Reuters released a report stating that sources indicated that Microsoft was not only compromised in the SolarWinds supply-chain attack but also had their software modified to distribute malicious files to its clients.
A much more important question, for ransomware victims and wide-eyed bystanders alike, is: How did the ransomware get in? In 2020, we conducted a survey of IT managers in 5000 companies in 26 different countries and asked about ransomware attacks.
When Dutch ethical hacker Victor Gevers tried to alert the Secret Service that he was able to guess the password to President Donald Trump's Twitter handle last October, there were plenty of skeptics, most notably at the White House. Now, Dutch prosecutors have determined Gevers did guess the password to the world's most powerful Twitter account, but said that he will not be charged with a crime because he was acting honorably to track down vulnerabilities associated with high-profile accounts.
Google and Qualcomm have linked arms to extend the lifecycle of new Android devices, meaning future phones could receive as many as three major operating system updates provided they're running the latest Snapdragon silicon. "For each SoC model, the SoC manufacturers now needed to create multiple combinations of vendor implementations to support OEMs who would use that chipset to launch new devices and deploy OS upgrades on previously launched devices," said Google's Android Developers Blog.
Super-secure air-gapped computers are vulnerable to a new type of attack that can turn a PC's memory module into a modified Wi-Fi radio, which can then transmit sensitive data at 100 bits-per-second wirelessly to nearly six feet away. Noted air-gap researcher Mordechai Guri created the proof-of-concept attack and described it in a research paper released earlier this month under the auspices of Ben-Gurion University of the Negev, Israel's cybersecurity research center.
RubyGems, an open-source package repository and manager for the Ruby web programming language, has taken two of its software packages offline after they were found to be laced with malware. "The gems contained malware that ran itself persistently on infected Windows machines and replaced any Bitcoin or cryptocurrency wallet address it found on the user's clipboard with the attacker's," according to Ax Sharma, researcher at Sonatype, writing in a Wednesday posting.
Jack Wallen shows you how easy it can be to encrypt text to be sent via email, using Apple Mail and the GPG Suite. With the right pieces in place in macOS, you can copy a block of text from any application, encrypt it, paste it into the body of an email, and send it to any user that has shared their public key with you.
The U.S. government on Thursday added a new wrinkle to the global emergency response to the SolarWinds software supply chain attack, warning there are "additional initial access vectors" that have not yet been documented. As the incident response and threat hunting world focuses on the SolarWinds Orion products as the initial entry point for the attacks, the Cybersecurity and Infrastructure Security Agency added a note to its advisory to warn of the new information.