Security News > 2021
Kia Motors America has publicly acknowledged an "Extended system outage," but ransomware gang DoppelPaymer claimed it has locked down the company's files in a cyberattack that includes a $20 million ransom demand. The ransom note from DoppelPaymer, first published by BleepingComputer, said the attack was on Hyundai Motor America, the parent company of Kia Motors America, based in Irvine, Calif. It went on to say that the company has two to three weeks to pay up 404 Bitcoins, which is around $20 million as of this writing.
The US Department of Justice has just unsealed a lengthy list of cybercrime charges against three North Koreans. The DOJ explicitly named the three accused men as Jon Chang Hyok, Kim Il, and Park Jin Hyok, alleging them to be part of a North Korean hacking group that you may have heard referred to over the years as APT38 or the Lazarus Group.
RIPE NCC is warning members that they suffered a credential stuffing attack attempting to gain access to single sign-on accounts. RIPE NCC is a not-for-profit regional Internet registry for Europe, the Middle East, and parts of Central Asia.
New Jersey-based access governance company SPHERE on Thursday announced that it raised $10 million in a Series A funding round. The investment was led by ForgePoint Capital, with participation from private investors Omkhar Arasaratnam, Joel Caminer, Adnane Charchour, and Sounil Yu. The money will be used to expand the company's scope and capabilities, particularly on cloud platforms such as Office 365, and to expand managed services operations.
While the infosec industry is used to reading FUD about software vulnerabilities, eye-catching research suggests about 500 vulns were exploited in 2019 - despite 18,000 new CVEs being created. Kenna Security, a US infosec firm, reckons that despite thousands of vulnerabilities being assigned a Common Vulnerabilities and Exploitations tracking number in the year, just 473 of those were actively being exploited in ways likely to impact enterprises.
New details have emerged about an unpatched security vulnerability in Microsoft's Internet Explorer that was recently used in a complex campaign against security researchers. In early February, cybersecurity researchers at South Korean consultancy ENKI identified a zero-day exploit that it said was used in the researcher attack.
Attackers are abusing Google's Apps Script business application development platform to steal credit card information submitted by customers of e-commerce websites while shopping online. They take advantage of the fact that online stores would consider Google's Apps Script domain as trusted and potentially whitelisting all Google subdomains in their sites' CSP configuration.
Effective CISOs and other leaders are those who plan for today but with an eye on tomorrow, and always put people first, according to Christopher Krebs, former director of the Department of Homeland Security's cybersecurity and infrastructure agency. "You always have to be agile around how business operations are shifting," said Krebs, speaking during a sweeping "Fireside chat" Wednesday with OneLogin CEO Brad Brooks, which touched on topics including remote work, online voting, and passwords.
TechRepublic's cheat sheet about LastPass is a quick introduction to this password management app, as well as a "Living" guide that will be revised periodically as new updates and versions are released. Executive summaryWhat is LastPass? LastPass is a robust password management tool available on most computing platforms and as a browser plugin.
Microsoft announced today that the SolarWinds hackers gained access to source code for a limited number of Azure, Intune, and Exchange components. After internal investigations of their use of the SolarWinds platform, Microsoft announced in December that they were affected by the attack and that hackers could gain access to a limited amount of source code repositories.