Security News > 2020
All too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. On the morning of Dec. 4 I heard via email from someone claiming to be part of the criminal group that launched the Ryuk ransomware inside VCPI. That email was unsettling because its timing suggested that whoever sent it somehow knew I was going to speak with VCPI later that day.
Google last week disabled all Xiaomi integrations on Nest Hub after learning that some users could access other people's camera feeds. Although the Mi Home Security Camera Basic 1080p was found at fault, Google decided to disable all Xiaomi integrations on its devices.
An ongoing DeathRansom malware campaign has been found by researchers to be part of a larger collection of malicious offensives, all carried out by an actor going by the nickname "Scat01." According to Artem Semenchenko and Evgeny Ananin at FortiGuard Labs, evidence found on Russian underground forums and in their forensic investigations points to a significant connection between ongoing DeathRansom and various infostealing malware campaigns, all likely directed by one Russian-speaking individual living in Italy.
Have you ever received items by courier from people overseas? A free MacBook Pro for just $1! As we mentioned above, scams like this aren't miles away from real life, because emails from courier companies that document unexpected import and delivery charges are not unusual.
GCHQ and its cyber-defence offshoot NCSC have both denied that they are investigating a cyber-attack on the London Stock Exchange, contrary to reports. "The incident," the newspaper claimed, "Which delayed the market open by more than an hour and a half and was the worst outage in eight years, immediately triggered government cyber alert systems, according to the people familiar with the matter."
GCHQ and its cyber-defence offshoot NCSC have both denied that they are investigating a cyber-attack on the London Stock Exchange, contrary to reports. "The incident," the newspaper claimed, "Which delayed the market open by more than an hour and a half and was the worst outage in eight years, immediately triggered government cyber alert systems, according to the people familiar with the matter."
A widely known vulnerability affecting an enterprise VPN product from Pulse Secure has been exploited by cybercriminals to deliver a piece of ransomware, a researcher has warned. They can use the obtained credentials in combination with a remote command injection vulnerability in Pulse Secure products, allowing them to gain access to private VPN networks.
UPDATE. A U.S. government website was vandalized late Saturday by hackers who posted images of a bloodied President Donald Trump being punched in the face and pro-Iran messages. The hackers, who struck as tensions between the U.S. and Iran heat up, claimed to be "Iran cyber security group hackers," however, there's no evidence to confirm any attribution to Iran at the moment, according to the Department of Homeland Security.