Chinese Supply-Chain Attack on Computer Systems
2021-02-13 17:41

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Lenovo, and others. China's exploitation of products made by Supermicro, as the U.S. company is known, has been under federal scrutiny for much of the past decade, according to 14 former law enforcement and intelligence officials familiar with the matter.

CD Projekt's stolen source code allegedly sold by ransomware gang
2021-02-13 15:35

A ransomware gang that says it stole unencrypted source code for the company's most popular games and then encrypted CD Projekt's servers claims to have sold the data.

Windows 10 is getting revamped battery settings and usage stats
2021-02-13 14:22

Windows 10 is getting a redesigned 'Battery' settings page that provides detailed graphs showing how your mobile device uses the battery. In yesterday's release of the Windows 10 Insider build 21313, a Windows internals sleuth known as Albacore discovered a new hidden feature for a new in-development Battery settings page.

Vast Majority of Phishing and Malware Campaigns Are Small-Scale and Short-Lived
2021-02-13 11:24

Researchers from Google and Stanford University have analyzed the patterns of more than 1.2 billion email-based phishing and malware attacks targeting Gmail users, and found that most attack campaigns are short-lived and sent to fewer than 1,000 targets. Users in North America are targeted the most, they found, with 42% of the observed attacks targeting users in the United States, 10% hitting people in the United Kingdom, and 5% aimed at users in Japan.

Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg
2021-02-12 23:28

Following up on a disputed 2018 claim in its BusinessWeek publication that tiny spy chips were found on Supermicro server motherboards in 2015, Bloomberg on Friday doubled down by asserting that Supermicro's products were targeted by Chinese operatives for over a decade, that US intelligence officials have been aware of this, and that authorities kept this information quiet while crafting defenses in order to study the attack. The article - a follow-on to BusinessWeek's 2018 spy chip bombshell - cites three specific incidents: the 2010 discovery by the Defense Department that thousands of its computers were sending military network data to China due to code hidden in chips that handle the server startup process; Intel's discovery in 2014 that a Chinese hacking group penetrated its network via a server that fetched malware from an unidentified supplier's update site; and a 2015 warning issued by the FBI to multiple companies that Chinese agents had hidden an extra chip with backdoored code on one manufacturer's servers.

The Week in Ransomware - February 12th 2021 - More keys released
2021-02-12 22:32

This week we saw another ransomware shut down its operation and a significant attack against Cyberpunk 2077 game developer CD Projekt Red. Another operation known as Ziggy Ransomware shut down this week and released the decryption keys for victims.

Friday Squid Blogging: Flying Squid
2021-02-12 22:03

Not actually unexpected; too many people think redundancy is just "doubling up". Sadly, it's at times like these they find out, sometimes all too briefly, that the two are rather different. So the one essential needed for fast recovery, i.e. communications, is now down and out for the count. I wish those affected well, but I hope you've got your ninety days of supplies sorted out; you are probably going to need them, especially if the sewers freeze up.

mHealth Apps Expose Millions to Cyberattacks
2021-02-12 21:01

Researcher Alissa Knight with Approov tried to break into the APIs of 30 different mHealth app vendors, with the agreement she wouldn't ID the vulnerable ones. According to the resulting report from Approov, out of 30 popular mHealth apps analyzed, 77 percent contained hardcoded API keys, some of which don't expire, which would allow an attacker to intercept that exchange of information.

US Court system demands massive changes to court documents after SolarWinds hack
2021-02-12 20:50

Senators are now demanding more information about the attacker's infiltration of the US court system, which has already been forced to make changes in how documents are filed as a result of the attack. "Highly sensitive documents should be stored in a secure paper filing system or a secure standalone computer system that is not connected to any network, particularly the internet. The AO will provide courts with model language for a standing or general order as well as advice and guidance on how to establish and securely maintain a standalone computer system if a court chooses that option."

Microsoft replaces Edge Legacy in latest Windows 10 Dev build
2021-02-12 20:49

Microsoft has started replacing the legacy version of the Edge browser with the new Chromium-based Edge in Windows 10 Dev builds. This change is rolling out to all customers installing Windows 10 Insider Preview Build 21313, offered through the Dev Channel and available after joining the Windows 10 Insider Program.