Security News

Future of America's Cyber Safety Review Board hangs in balance amid calls for rethink
2024-01-18 18:30

As the US mulls legislation that would see the Cyber Safety Review Board become a permanent fixture in the government's cyber defense armory, experts are calling for substantial changes in the way it's organized. All three senior industry figures in attendance agreed that a greater degree of independence was required to ensure the reports produced by the board were as richly detailed as possible, answering the questions that those in the private sector typically haven't in the past.

Zimbra users in Europe, Latin America face phishing threat
2023-08-18 07:57

ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users' credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions.

Florida man accused of hoarding America's secrets faces fresh charges
2023-07-29 00:59

Federal prosecutors have expanded their criminal case against a famous Floridian and his loyal minions for allegedly mishandling national security secrets and not being forthright about the storage and handling of hundreds of classified documents. The charges include: attempting to destroy evidence; attempting to induce others to destroy evidence; and a further Espionage Act violation related to the unlawful retention of a top secret document about Iran.

Outlook for the web outage impacts users across America
2023-06-27 14:19

Microsoft is investigating an ongoing issue preventing some customers from accessing their Exchange Online mailbox through Outlook on the web. While Microsoft says this outage only impacts the North American region, user reports show that the issue might also affect users in South America.

Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America
2023-06-06 12:48

MOVEit is managed file transfer software from Progress, an application development and digital experience technologies provider. Aspx is the native file used by MOVEit Transfer for its web interface.

New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America
2023-06-02 12:03

Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. "Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim's mailbox," Cisco Talos researcher Chetan Raghuprasad said.

Russian snoops just love invading unpatched Cisco gear, America and UK warn
2023-04-18 20:45

The UK and US governments have sounded the alarm on Russian intelligence targeting unpatched Cisco routers to deploy malware and carry out surveillance. In a joint advisory issued Tuesday, the UK National Cyber Security Centre, the NSA, America's Cybersecurity and Infrastructure Security Agency and the FBI provided details about how Russia's APT28 - aka FancyBear and Stronium - exploited an old vulnerability in unpatched Cisco routers in 2021 to collect network information belonging to European and US government organizations, and about 250 Ukrainian victims.

How insecure is America's FirstNet emergency response system? Seriously, anyone know?
2023-04-12 23:58

AT&T is "Concealing vital cybersecurity reporting" about its FirstNet phone network for first responders and the US military, according to US Senator Ron Wyden, who said the network had been dubbed unsafe by CISA. In a letter [PDF] sent to the US government's Cybersecurity and Infrastructure Security Agency and NSA, the senator called for an annual cybersecurity audit of FirstNet, citing a nearly half-decade old phone signalling protocol that miscreants and spies can exploit to track mobile devices and intercept their calls and texts. It's a nationwide network intended to allow police, firefighters, and paramedics to transmit data and communications across multiple regions and jurisdictions without worrying about the transmissions being lost to overcrowded networks, particularly during disasters.

Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen
2023-03-20 12:26

A banking trojan dubbed Mispadu has been linked to multiple spam campaigns targeting countries like Bolivia, Chile, Mexico, Peru, and Portugal with the goal of stealing credentials and delivering other payloads. "One of their main strategies is to compromise legitimate websites, searching for vulnerable versions of WordPress, to turn them into their command-and-control server to spread malware from there, filtering out countries they do not wish to infect, dropping different type of malware based on the country being infected," researchers Fernando García and Dan Regalado said.

PureCrypter Malware Targets Government Entities in Asia-Pacific and North America
2023-02-27 10:22

Government entities in Asia-Pacific and North America are being targeted by an unknown threat actor with an off-the-shelf malware downloader known as PureCrypter to deliver an array of information stealers and ransomware. "The PureCrypter campaign uses the domain of a compromised non-profit organization as a command-and-control to deliver a secondary payload," Menlo Security researcher Abhay Yadav said.