Security News > 2022 > August

Microsoft says it will give enterprise security operation centers broader access to the massive amount of threat intelligence it collects every day. Both services - Defender Threat Intelligence and Defender External Attack Surface Management - use technologies that Microsoft inherited when it bought cybersecurity company RiskIQ for $500 million in 2021.

The Spanish National Research Council (CSIC) was hit last month by a ransomware attack that is now attributed to Russian hackers. CSIC is a state agency for scientific research and technological development, part of the Spanish Ministry of Science and Innovation but with a special status in that it has "its own assets and treasury, functional and managerial autonomy."

Smart App Control, a Windows 11 security feature that blocks threats at the process level, now comes with support for blocking several file types threat actors have recently adopted to infect targets with malware in phishing attacks. "Windows 11 with smart app control blocks iso and lnk files that have mark of the web just like Macros," David Weston, Microsoft's VP for Enterprise and OS Security, tweeted on Tuesday.

A now-former T-Mobile US store owner stole at least 50 employees' work credentials to run a phone unlocking and unblocking service that prosecutors said netted $25 million. Argishti Khudaverdyan, 44, of Burbank, California, was found guilty of 14 criminal charges by a US federal jury on Friday.

Grover's algorithm, given a big and powerful enough quantum computer, claims to be able to complete the same feat with the square root of the usual effort, thus cracking the code, in theory, in just 2^64 tries instead. Shor's quantum factorisation algorithm. Or you'd have to adopt a completely new sort of post-quantum encryption system to which Shor's algorithm didn't apply.

A new large-scale phishing campaign targeting credentials for Microsoft email services uses a custom proxy-based phishing kit to bypass multi-factor authentication. The phishing campaign's targets include fin-tech, lending, accounting, insurance, and Federal Credit Union organizations in the US, UK, New Zealand, and Australia.

Cisco has fixed critical security vulnerabilities affecting Small Business VPN routers and enabling unauthenticated, remote attackers to execute arbitrary code or commands and trigger denial of service conditions on vulnerable devices. Successful exploitation of CVE-2022-20842 with crafted HTTP input could allow attackers "to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition," the company explains.

Miscreants making use of typosquatting are being spotted by researchers at Sonatype, emphasizing the need to check that the package is really the one you meant to download. The latest packages detected use variations of the spelling of "Requests", a hugely popular HTTP library available via PyPI. Of the project, the description notes: "Requests is one of the most downloaded Python packages today, pulling in around 30M downloads / week - according to GitHub. Requests is currently depended upon by 1,000,000+ repositories." Focusing on the requesys package, researchers found scripts that would stomp over Windows users' folders and begin encrypting files.

Hackers steal almost $200 million from crypto firm Nomad. U.S. crypto firm Nomad has been the victim of a digital theft that saw hackers make off with $190 million of cryptocurrencies owned by users of the service. On August 1, Nomad confirmed the theft in a tweet that said: "We are aware of the incident involving the Nomad token bridge. We are currently investigating and will provide updates when we have them."

Microsoft has addressed a known issue triggered by recent Windows 10 updates that caused the Input Indicator and Language Bar not to appear in the notification area. This known issue affects devices running Windows 10 version 20H2, 21H1, and 21H2, with more than one language installed.