Security News

The United States and its allies have officially attributed the Microsoft Exchange server attacks disclosed in early March to hackers affiliated with the Chinese government. In a statement, the White House accused China of using "Criminal contract hackers" to conduct cyber operations.

US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year's widespread Microsoft Exchange hacking campaign. The Biden administration attributes "With a high degree of confidence that malicious cyber actors affiliated with PRC's MSS conducted cyber espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.".

Ireland dramatically loosened international travel restrictions on Monday, joining an EU-wide pandemic passport scheme weeks later than the rest of the bloc after a ransomware attack hobbled healthcare IT systems. All EU member states were connected to a matching digital Covid certificate system on July 1.

It's not a coincidence that most of the security tips given to smartphone users - such as refraining from opening suspicious links or downloading untrusted apps - also apply to PCs. But unlike PCs, smartphones contain a plethora of radios - typically cellular, Wi-Fi, Bluetooth and Near Field Communication - that enable wireless communication in a variety of circumstances, and these radios are designed to remain turned on as the user moves through the world. An IMSI catcher is equipment designed to mimic a real cell tower so that a targeted smartphone will connect to it instead of the real cell network.

REvil, the infamous ransomware cartel behind some of the biggest cyberattacks targeting JBS and Kaseya, has mysteriously disappeared from the dark web, leading to speculations that the criminal enterprise may have been taken down. REvil is one of the most prolific ransomware-as-a-service groups that first appeared on the threat landscape in April 2019.

Web infrastructure and website security company Cloudflare last month fixed a critical vulnerability in its CDNJS library that's used by 12.7% of all websites on the internet. CDNJS is a free and open-source content delivery network that serves about 4,041 JavaScript and CSS libraries, making it the second most popular CDN for JavaScript after Google Hosted Libraries.

Leading Swiss price comparison platform Comparis has notified customers of a data breach following a ransomware attack that hit and took down its entire network last week. "On 7 July, the Comparis Group was the victim of an organized cyber attack of a highly criminal nature. Comparis immediately took all the steps necessary to protect all data," the company explains in an official statement.

HUMAN Security announced its newly-named BotGuard and a range of new features to further help enterprise customers defend their website and mobile applications from sophisticated bot attacks and fraud. BotGuard is powered by the Human Verification Engine, which combines technical evidence, machine learning, and continuous adaptation to deliver "Human or not" bot detection decisions with accuracy.

SafeBreach announced the addition of new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, providing seamless access to SafeBreach's continuous security validation platform, to allow users to test their environment and device configurations. These built-in SafeBreach attacks markedly improve the capabilities of the lab; they enable PoCs to clearly demonstrate the effectiveness of various Microsoft Defender for Endpoint configurations and empower security teams to closely observe and review prevention, detection, and remediation features in action.

Marc Rogers: The Kaseya ransomware attack should be a wake-up call to all of us. SEE: Kaseya attack shows how third-party software is the perfect delivery method for ransomware.