Security News > 2021 > March

Doxing an individual can be a time-consuming and ultimately fruitless process, but the potential payout for doxing corporate employees can be huge, making them a much more tempting target. Doxing has traditionally been thought of as a risk for individuals, but Kaspersky reports that it is increasingly being used to target corporate employees: 1,646 unique instances of one particular type of attack were detected by Kaspersky in February 2021 alone.

The PHP project on Sunday announced that attackers were able to gain access to its main Git server, uploading two malicious commits, including a backdoor. "Had it not been detected, the code could have ultimately poisoned the binary package repositories which countless organizations rely upon and trust. Open-source projects which are self-hosting their code repositories may be at increased risk of this type of supply-chain attack and must have robust processes in place to detect and reject suspicious commits."

New Linux admins need to know how to grant sudo privileges to users and how to revoke them. You might find yourself in a situation where you need to "promote" one of those users to admin and give them sudo privileges.

The Black Kingdom/Pydomer ransomware operators have joined the ranks of threat actors targeting the Exchange Server vulnerabilities that Microsoft disclosed in early March. "As of today, we have seen a significant decrease in the number of still-vulnerable servers - more than 92% of known worldwide Exchange IPs are now patched or mitigated. We continue to work with our customers and partners to mitigate the vulnerabilities," Microsoft noted in a March 25 blog post.

Researchers from CrowdStrike, Accenture, and Awake Security have dissected some of the attacks involving the Hades ransomware and published information on both the malware itself and the tactics, techniques and procedures employed by its operators. The Hades ransomware operators targeted only a few industries, including transportation and logistics, consumer products, and manufacturing and distribution. Known victims include a logistics provider and organizations in the automotive supply chain and the manufacturing of insulation products.

The UK's Government Reviewer of Terrorism Laws is again advising the removal of legal safeguards around a controversial law that allows people to be jailed if they refuse police demands for forced decryption of their devices. In what appears to be a recurring theme, Jonathan Hall QC said police should be able to threaten people arrested under terror laws with five years in prison if they don't hand over passwords on demand.

The developers of the PHP scripting language revealed on Sunday that they had identified what appeared to be malicious code in the php-src repository hosted on the git. The unauthorized code was disguised as two typo fix-related commits apparently pushed by Rasmus Lerdorf, author of the PHP language, and Nikita Popov, an important PHP contributor.

"The SolarWinds hack was a victory for our foreign adversaries, and a failure for DHS," said Sen. Rob Portman of Ohio, top Republican on the Senate's Homeland Security and Governmental Affairs Committee. An inquiry by the AP found new details about the breach at DHS and other agencies, including the Energy Department, where hackers accessed top officials' private schedules.

Alex Salmond's Alba Party has got off to a rocky start after a coding error on its website appeared to expose the names of those signed up. First reported by Scotland's The Herald On Sunday, the names of more than 4,000 people who had signed up to attend events were inadvertently made public.