Security News > 2024 > February

Microsoft has expanded free logging capabilities for all Purview Audit standard customers, including U.S. federal agencies, six months after disclosing that Chinese hackers stole U.S. government emails undetected in an Exchange Online breach between May and June 2023. "Beginning this month, expanded logging will be available to all agencies using Microsoft Purview Audit regardless of license tier," a press release issued today reads.

Microsoft has finally expanded free Purview Audit logging capabilities for all U.S. federal agencies six months after disclosing that Chinese hackers stole U.S. government emails undetected in an Exchange Online breach between May and June 2023. "Beginning this month, expanded logging will be available to all agencies using Microsoft Purview Audit regardless of license tier," a press release issued today reads.

President Biden has empowered the US Coast Guard to get a tighter grip on cybersecurity at American ports - including authorizing yet another incident reporting rule. Port Captains, USCG officers responsible for laying down the law in US ports, can now declare "Security zones," inside of which they'll have broad authority to prevent "Access of persons, articles, or things, including any data, information, network, program, system, or other digital infrastructure, to vessels, or waterfront facilities."

Apple says it's going to upgrade the cryptographic protocol used by iMessage to hopefully prevent the decryption of conversations by quantum computers, should those machines ever exist in a meaningful way. The protocol, dubbed PQ3, is intended to safeguard users' chats in some future era of quantum computing, when these computers may be able to break classical encryption methods and render today's messaging security obsolete.

Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban. Google Cloud Run is lets users deploy frontend and backend services, websites or applications, handle workloads without the effort of managing an infrastructure or scaling.

Two Chinese nationals face 20 years in prison after being caught and convicted of submitting over 5,000 fake iPhones worth more than $3 million to Apple with the goal of having them replaced with genuine devices. Apple offers a one-year warranty for new iPhones, enabling customers to return malfunctioning devices to Apple or authorized resellers for a replacement.

A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. The worm searches for private keys in various locations, including shell history files, and uses them to stealthily spread to new systems after mapping the network.

CISA, the FBI, and the Environmental Protection Agency shared a list of defense measures U.S. water utilities should implement to better defend their systems against cyberattacks. The fact sheet they published today outlines the top eight actions U.S. Water and Wastewater Systems sector organizations can take to reduce cyberattack risks and boost their resilience against malicious activity.

Two Chinese nationals are facing a maximum of 20 years in prison after being convicted of mailing thousands of fake iPhones to Apple for repair in the hope they'd be replaced with new handsets. The Department of Justice says the pair submitted upwards of 5,000 "Inauthentic" iPhones to the tech giant "Intending to cause a loss of more than $3 million to Apple" between May 2017 and September 2019.

Infosec researchers say urgent patching of the latest remote code execution vulnerability in ConnectWise's ScreenConnect is required given its maximum severity score. In disclosing the maximum-severity authentication bypass vulnerability, ConnectWise also revealed a second weakness - a path traversal flaw with an 8.4 severity rating.