Security News

A federal agency has suffered a successful espionage-related cyberattack that led to a backdoor and multistage malware being dropped on its network. "The cyber-threat actor had valid access credentials for multiple users' Microsoft Office 365 accounts and domain administrator accounts," according to CISA. "First, the threat actor logged into a user's O365 account from Internet Protocol address 91.219.236[.]166 and then browsed pages on a SharePoint site and downloaded a file. The cyber-threat actor connected multiple times by Transmission Control Protocol from IP address 185.86.151[.]223 to the victim organization's virtual private network server."

Game players are affected by phishing campaigns, while gaming companies are getting hit by DDoS attacks, says Akamai. A new report from cybersecurity provider and content delivery network Akamai examines the trend in cyberattacks against gamers and gaming companies.

A state-sponsored threat group linked to China has been engaged in a five-month-long cyberattack against the Vatican and other Catholic Church-related organizations. "RedDelta has largely remained unperturbed by the extensive public reporting on its targeting of the Vatican and other Catholic organizations," according to researchers with Recorded Future's Insikt Group in a report released Tuesday.

With school in session, cybercriminals are naturally taking notice of the season, which is why there has been an increase in attacks against academic facilities of late. A Tuesday blog post published by cyber threat intelligence provider Check Point Research looks at the rise in such attacks across the US, Europe, and Asia, and offers advice on how schools can better protect themselves.

Hacker groups are ramping up activity as the US heads into the peak of election season. To help thwart such attempts, the US Department of State recently announced a multimillion-dollar bounty focused on identifying cybercriminals associated with foreign governments targeting US elections.

The U.S. election campaigns of both Donald Trump and Joe Biden have been targeted in a slew of recent cyberattacks, Microsoft said on Thursday. With the U.S. presidential election a mere two months away, in recent weeks cyberattacks targeting people and organizations involved in it have ramped up - including numerous attempts against Trump and Biden staffers, Microsoft said.

According to a Tuesday public announcement, Hartford's ransomware attack caused an outage of critical systems, including the school district's software system that delivers real-time information on bus routes. Other recent ransomware attacks include one that hit the Clark County school district, which includes Las Vegas, during its first week of school, potentially exposing personal information of employees.

SWIFT and BAE Systems published a report that describes the complex web of money mules, front companies and cryptocurrencies that criminals use to siphon funds from the financial system after a cyber attack. The report highlights the ingenuity of money laundering tactics to obtain liquid financial assets and avoid any subsequent tracing of the funds.

Gartner defines cyber-physical systems (CPSs) as "Systems that are engineered to orchestrate sensing, computation, control, networking and analytics to interact with the physical world." The security implications for such systems have been heightened as IT systems, IoT and the operational technology (OT) that controls physical systems continue to converge. At the same time, many companies are unaware that they have OT systems connected to enterprise networks, or they may not be following proper network segmentation or other precautions.

Rew Little said in an interview with The Associated Press on Wednesday that tracking down the perpetrators of the attacks in recent weeks would be extremely difficult, as the distributed denial of service attacks are being routed through thousands of computers. One line of investigation is the emails sent to people in some of the targeted organizations demanding a ransom in exchange for stopping the attacks, Little said.