Security News

PHP maintainer Nikita Popov has posted an update concerning how the source code was compromised and malicious code inserted - blaming a user database leak rather than a problem with the server itself. The PHP code repository was compromised late last month with the insertion of code that, if left in place, would have enabled a backdoor into any web server running it.

Active cyberattacks on known vulnerabilities in SAP systems could lead to full control of unsecured SAP applications, researchers are warning. "With more than 400,000 organizations using SAP, 77 percent of the world's transactional revenue touches an SAP system. These organizations include the vast majority of pharmaceutical, critical infrastructure and utility companies, food distributors, defense and many more."

The FBI received more than 19,000 complaints of business email compromises last year, costing victims around $1.8 billion. Among the many types of cyber crimes affecting organizations and individuals last year, business email compromises and email account compromises proved especially costly.

The UK's National Cyber Security Centre has reminded Brits to patch their Microsoft Exchange Server deployments against Hafnium attacks, 10 days after the US and wider infosec industry shouted the house down saying the same thing. The agency told press on Friday afternoon that it had proactively helped UK organisations fix around 2,100 affected mailservers following last week's out-of-band patches to resolve four zero-day vulnerabilities in Exchange Server.

An ever-evolving and rampant form of cybercrime that targets emails as the potential medium to conduct fraud is known as Business Email Compromise. This is why industry experts are coming up with email authentication protocols like DMARC to offer a high level of protection against impersonation.

Banks worry about business email compromise Spending more/significantly more on security is a 3-year trend. 86% of respondents from banks perceive business email compromise / authorized fraud to be the greatest risk to their business over the next 1-2 years.

Unknown hackers - possibly the Sandworm APT - have been compromising enterprise servers running the Centreon monitoring software for over three years, the French National Cybersecurity Agency has shared on Monday. The hackers exploited public-facing Centreon installations to gain access to the underlying system, and used that access to spread laterally through the target organizations' networks.

Two web skimmers have been discovered on the payment webpages of Costway, one of the top retailers in North America and Europe, which sells appliances, furniture and more. The skimmers are targeting consumers' credit-card payment details.

Fischbach and Alan Ross, chief architect at Forcepoint's X-Labs, champion a different solution: Indicators of Behavior. "IOBs are behaviors that are monitored to understand risk within an organization," Ross said in his article Indicators of Behavior-With 2020 Vision.

Email security company Mimecast has disclosed today that a "Sophisticated threat actor" compromised one of the certificates the company issues for customers to securely connect Microsoft 365 Exchange to their services. "Microsoft recently informed us that a Mimecast-issued certificate provided to certain customers to authenticate Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services has been compromised by a sophisticated threat actor," Mimecast said earlier today.