Friday Squid Blogging: COVID Relief Funds
2021-05-07 21:13

Although the government often writes off intelligence collected with those powers as "Conjecture", and ignores very serious physical evidence collected meticulously over years. "If the account takeover warrant is to be used to access an online account regardless of the location of the server, and executed without the knowledge of a service provider, or foreign official, then all due process requirement and safeguards that typically surround warrant processes have essentially been removed," hxxps://www.

Microsoft: Business email compromise attack targeted dozens of orgs
2021-05-07 20:56

Microsoft detected a large-scale business email compromise campaign that targeted more than 120 organizations using typo-squatted domains registered a few days before the attacks started. BEC scammers use various tactics to compromise business email accounts, later used to redirect payments to bank accounts under their control or target employees in gift card scams.

iPhone Hack Allegedly Used to Spy on China’s Uyghurs
2021-05-07 20:28

In 2019, a Chinese security researcher working with the internet security and antivirus company Qihoo 360 unveiled an intricately woven exploit: one that would allegedly let a remote attacker easily jailbreak an iPhone X running iOS 12.1. Allegedly, a successful exploit would allow a remote attacker to jailbreak an iPhone X, with the targeted user none the wiser, allowing the intruder to gain access to a victim's data, processing power and more.

Bulletproof hosting admins plead guilty to running cybercrime safe haven
2021-05-07 19:29

Four individuals from Eastern Europe face 20 years in prison for Racketeer Influenced Corrupt Organization charges after pleading guilty to running a bulletproof hosting service as a safe haven for cybercrime operations targeting US entities. The bulletproof hosting service was founded by Russian citizens Aleksandr Grichishkin and Andrei Skvortsov, who hired Lithuanian Aleksandr Skorodumov and Estonian Pavel Stassi as the organization's system admin and administrator, respectively.

Microsoft pauses development of Windows 10X, its Chrome OS competitor
2021-05-07 18:58

Microsoft has reportedly paused the development of Windows 10X, its Chrome OS competitor for single-screen and dual-screen devices. Unlike Windows 10, Windows 10X was supposed to be simple, sleek, faster, and more secure.

Russian cyber-spies changed tactics after the UK and US outed their techniques – so here's a list of those changes
2021-05-07 18:49

Russian spies from APT29 responded to Western agencies outing their tactics by adopting a red-teaming tool to blend into targets' networks as a legitimate pentesting exercise. A couple of weeks ago, Britain and the US joined forces to out the SVR's Tactics, Techniques and Procedures, giving the world's infosec defenders a chance to look out for the state-backed hackers' fingerprints on their networked infrastructure.

Foxit Reader bug lets attackers run malicious code via PDFs
2021-05-07 17:46

Foxit Software, the company behind the highly popular Foxit Reader, has published security updates to fix a high-severity remote code execution vulnerability affecting the PDF reader. The vulnerability results from a use-after-free bug found by Aleksandar Nikolic of Cisco Talos in the V8 JavaScript engine used by Foxit Reader to display dynamic forms and interactive document elements.

US-UK Gov Warning: SolarWinds Attackers Add Open-Source PenTest Tool to Arsenal
2021-05-07 16:32

Agencies in the United States and the United Kingdom on Friday published a joint report providing more details on the activities of the Russian cyberspy group that is believed to be behind the attack on IT management company SolarWinds. The FBI, NSA, CISA and the UK's NCSC say the Russian threat actor tracked as APT29 was behind the SolarWinds attack, which resulted in hundreds of organizations having their systems breached through malicious updates served from compromised SolarWinds systems.

Russian state hackers switch targets after US joint advisories
2021-05-07 15:29

Russian Foreign Intelligence Service operators have switched their attacks to target new vulnerabilities in reaction to US govt advisories published last month with info on SVR tactics, tools, techniques, and capabilities used in ongoing attacks. In a third advisory issued on April 26, the FBI, DHS, and CIA warned of continued attacks coordinated by the Russian SVR against the US and foreign organizations.

Privacy activist Max Schrems on Microsoft's EU data move: It won't keep the NSA away
2021-05-07 15:20

Microsoft has announced plans to ensure data processing of EU cloud services within the borders of the political bloc in a move that expert observers claim reveals problems with the firm's existing setup. In a blog, Brad Smith, Microsoft's president and chief legal officer, said the software and cloud services giant would, by the end of 2022, enable EU customers of Azure, Microsoft 365, and Dynamics 365 to have all their data processed physically within the EU. To my understanding, there would still be direct access to data and keys from the US in this new Microsoft setup.