Security News
A 29-year-old wiped data on systems of a secondary school in the U.K. and changed the passwords at an IT company, in retaliatory cyber attacks for being fired. At the beginning of the year, on January 16, Adam Georgeson downloaded and deleted data from computers belonging to Welland Park Academy in Market Harborough, Leicestershire, and changed passwords of staff members.
In yet another indicator of how hacking groups are quick to capitalize on world events and improvise their attack campaigns for maximum impact, threat actors have been discovered impersonating Amnesty International to distribute malware that purports to be security software designed to safeguard against NSO Group's Pegasus surveillanceware. "Adversaries have set up a phony website that looks like Amnesty International's - a human rights-focused non-governmental organization - and points to a promised antivirus tool to protect against the NSO Group's Pegasus tool," Cisco Talos researchers said.
Apple has released security updates to fix a zero-day vulnerability exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions. The zero-day patched today [1, 2] was found in the XNU operating system kernel and was reported by Erye Hernandez and Clément Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero.
"Time to find out who in your family secretly ran [a] QAnon hellhole," said attackers who affiliated themselves with the hacktivist collective Anonymous, noting that Epik had laughable security. Epik, the domain registrar known for hosting several large right-wing organizations, has confirmed a hack of its systems, a week after attackers branding themselves with the Anonymous hacktivist collective label said that the group had obtained and leaked gigabits of data from the hosting company, including 15 million email addresses.
Apparently, a nation-state hacked Alaska's Department of Health and Social Services. Not sure why Alaska's Department of Health and Social Services is of any interest to a nation-state, but that's probably just my failure of imagination.
While most of Azure Active Directory's security features require an enterprise Microsoft 365 account, an E3 or better, you can still get some benefit from Azure Active Directory from an Office 365 account. It's worth using these tools to see what exposure you have to drive-by attacks, where techniques like password dictionary sprays are used to break into poorly secured accounts.
What does continuous mean in this context? And how do you look for something when the haystack is as big as your entire security footprint? The philosophy of BAS tools is that you simulate what real attacks do inside networks based on patterns drawn from threat intelligence. "Historically, we built these tools for quality assurance and test labs. It was built by geeks for geeks as a pre-deployment lab tool," explains Keysight's VP of security solutions, Scott Register.
We knew the basics of this story, but it’s good to have more detail. Here’s me in 2015 about this Juniper hack. Here’s me in 2007 on the NSA backdoor.
After major cyberattacks on the Colonial Pipeline and on meat supplier JBS, the idea of allowing companies to launch cyberattacks back at cyber criminals was proposed. While hack back is gaining traction as a hot topic with some legal minds and policymakers, this approach is shortsighted and very likely to have unintended consequences.
Atlas VPN analyzed financial hacks over the last two-and-a-half years and found that DeFi hacks represent 76% of all major hacks for the first half of 2021. The problem has jumped from basically zero dollars lost to DeFi hacks in 2019 to $129 million in 2020 and $361 million in the first half of this year.