Security News
An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous techniques used by the threat actor as well as based on its pattern of victimology.
Belden has disclosed that additional data was accessed and copied during their November 2020 cyberattack related to employees' healthcare benefits and family members covered under their plan. In November 2020, Belden disclosed they had suffered a cyberattack where threat actors gained access and copied "Some current and former employee data, as well as limited company information regarding some business partners."
Microsoft has released an open-source cyberattack simulator that allows security researchers and data scientists to create simulated network environments and see how they fare against AI-controlled cyber agents. The Microsoft 365 Defender Research team created CyberBattleSim to model how a threat actor spreads laterally through a network after its initial compromise.
Supply chain attacks target the weakest spot in most every enterprise's security program: third-party access. The SolarWinds hack was a classic supply chain attack, compromising downstream organizations in order to traverse the victim's extended enterprise of customers, suppliers, vendors and other third parties to gain unauthorized access to their on-premises and cloud systems.
The question is, when does a cyberattack cross the line between a criminal action or mere prank, to an act of war? Is it the nature of the victim? The nature of the attacker? The nature of the damage? Or a combination of them all? Oxford's Reference Dictionary defines an act of war as: "An act by one nation intended to initiate or provoke a war with another nation; an act considered sufficient cause for war." That's a good definition, but it leaves some ambiguity when applied to the realm of cybersecurity.
Active cyberattacks on known vulnerabilities in SAP systems could lead to full control of unsecured SAP applications, researchers are warning. "With more than 400,000 organizations using SAP, 77 percent of the world's transactional revenue touches an SAP system. These organizations include the vast majority of pharmaceutical, critical infrastructure and utility companies, food distributors, defense and many more."
Brown University, a private US research university, had to disable systems and cut connections to the data center after suffering a cyberattack on Tuesday. The university's Computing & Information Services staff took "a number of aggressive steps to protect the University's digital resources, including shutting down connections to our central data center and systems within it."
An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment. According to the Broward County Public Schools website, the school system is the sixth-largest in the USA, with nearly 261,000 students and approximately 110,000 adult students in 241 schools, centers, and technical colleges, and 92 charter schools.
Of course, government servers are only one of the places tax data resides - our employers, third-party services and we ourselves have copies of it, and can be the source of potential data exposure. In February, the IRS warned of subtle phishing attacks targeting tax preparers, efforts designed to steal Electronic Filing Identification Numbers useful for mass-filing of fraudulent tax returns to pocket illegal refunds at-scale.
A top Biden administration official says the government is undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks. The public-private partnership reflects the administration's concerns about the vulnerability of vital systems, including the electric grid and water treatment plants, to hacks that could cause catastrophic consequences to American life.