Security News

Built on the foundation of ThreatQuotient's flexible data model and support for open intelligence sharing standards, ThreatQ Data Exchange makes it simple to set up bidirectional sharing of any and all intelligence data within the ThreatQ platform and scale sharing across multiple teams and organizations of all sizes. ThreatQ Data Exchange provides the ability to granularly define data collections for sharing, and easily connect and monitor a network of external systems with which to share data.

The Federal Bureau of Investigation warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses. The FBI issued the warning via a TLP:GREEN Private Industry Notification designed to provide cybersecurity professionals with the information required to properly defend against these ongoing attacks.

The UK's financial watchdog has fired a warning shot across the bow of Binance, and ordered it to place a notice on binance.com scaring off Brit crypto fans. This seems to have come about because Binance, which is ultimately based in the Cayman Islands, wanted to launch an exchange in the UK using its London-based affiliate Binance Markets Ltd. Since the start of the year, cryptocurrency firms in Britain have had to register with the nation's Financial Conduct Authority and meet its anti-money-laundering and anti-terrorism-funding requirements.

Cryptocurrency exchange service Binance played an important part in the recent arrests of Clop ransomware group members, helping law enforcement in their effort to identify, and ultimately detain the suspects. Using the name FANCYCAT to refer to the group, Binance says that the criminals were laundering money resulting from ransomware attacks and various other illegal activities.

Cisco's Talos team said 35% of incidents led back to Microsoft Exchange Server vulnerabilities reported early in 2021, but new ransomware families have been appearing to fill the Emotet hole, too. Cisco's Talos Intelligence Group has released its incident response trends report for spring 2021, and found that Microsoft Exchange Server vulnerabilities reported in early 2021 were the most detected incident over the past three months.

Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research. Researchers from security firm Sophos detected the new ransomware, called Epsilon Red, in an investigation of an attack on a U.S.-based company in the hospitality sector, Sophos Principal Researcher Andrew Brandt wrote in a report published online.

A new ransomware threat calling itself Red Epsilon has been seen leveraging Microsoft Exchange server vulnerabilities to encrypt machines across the network. Epsilon Red ransomware attacks rely on more than a dozen scripts before reaching the encryption stage and also use a commercial remote desktop utility.

Microsoft is investigating an Office 365 issue causing Outlook and Exchange Online emails to skip recipients' inboxes and being sent their junk folders instead. "We're investigating an issue in which email is being sent to the junk folder," Microsoft shared on the company's Microsoft 365 Status Twitter account. The Microsoft 365 Service health status page is currently directing customers to the Microsoft 365 Status Twitter account for more details regarding this ongoing incident.

Cyberattacks have long been seen as a threat to financial markets, but worries are becoming even more acute following a US pipeline hack that set off a public panic and forced the company to pay a ransom. Financial exchanges that manage daily transactions of tens or hundreds of billions of dollars are an appealing target for hackers.

In early March, Microsoft shocked businesses around the world when it issued a warning that Chinese cyber-espionage operators were chaining multiple zero-day exploits to siphon e-mail data from Microsoft Exchange servers around the world. In this exclusive session at SecurityWeek's Threat Intelligence Summit, Josh Grunzweig, Threat Intelligence Analyst at Volexity, the firm credited with discovering the original attack, will detail the original discovery of the Microsoft Exchange zero-day vulnerabilities that were exploited by targeted attackers in early 2021.