Security News

Codecov Bash Uploader Dev Tool Compromised in Supply Chain Hack
2021-04-16 02:47

Security response professionals are scrambling to measure the fallout from a software supply chain compromise of Codecov Bash Uploader that went undetected since January and exposed sensitive secrets like tokens, keys and credentials from organizations around the world. The hack occurred four months ago but was only discovered in the wild by a Codecov customer on the morning of April 1, 2021, the company said in a note acknowledging the severity of the breach.

Biden Races to Shore Up Power Grid Against Hacks
2021-04-15 20:09

President Biden is putting the final details on a plan to encourage American electric utilities to strengthen their cybersecurity protections against hackers in the next 100 days, amid increasing cyberattacks. The White House push to boost electrical grid security comes in the wake of a report that a full quarter of the 1,500 utilities across North America were infected with the SolarWinds malware, now formally attributed to Russian state actors.

S3 Ep28: Pwn2Own hacks, dark web hitmen and COVID-19 privacy [Podcast]
2021-04-15 18:59

We look at the big-money hacks from the 2021 Pwn2Own competition. We investigate the difficulties of hiring an assassin via the dark web.

It was Russia wot did it: SolarWinds hack was done by Kremlin's APT29 crew, say UK and US
2021-04-15 15:49

Russia's infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country's US embassy. "The Russian Intelligence Services' third arm, the SVR, is responsible for the 2020 exploit of the SolarWinds Orion platform and other information technology infrastructures. This intrusion compromised thousands of US government and private sector networks," said the US Treasury.

US government confirms Russian SVR behind the SolarWinds hack
2021-04-15 14:54

The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies. The press release from the White House confirms past media reports citing unofficial sources that the Russian Foreign Intelligence Service, the SVR, was behind the SolarWinds hack.

Months After Hack, US Poised to Announce Sanctions on Russia
2021-04-15 10:09

The Biden administration is preparing to announce sanctions in response to a massive Russian hacking campaign that breached vital federal agencies, as well as for election interference, a senior administration official said. U.S. officials last month alleged that Russian President Vladimir Putin authorized influence operations to help Donald Trump in his unsuccessful bid for reelection as president, though there's no evidence Russia or anyone else changed votes or manipulated the outcome.

New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely
2021-04-14 23:55

"The two aforementioned WhatsApp vulnerabilities would have made it possible for attackers to remotely collect TLS cryptographic material for TLS 1.3 and TLS 1.2 sessions," researchers from Census Labs said today. "With the TLS secrets at hand, we will demonstrate how a man-in-the-middle attack can lead to the compromise of WhatsApp communications, to remote code execution on the victim device and to the extraction of Noise protocol keys used for end-to-end encryption in user communications."

FBI hacks into hundreds of infected US servers (and disinfects them)
2021-04-14 18:38

As we explained in a recent Serious Security article on Naked Security, a crook who can upload a file into a Windows server directory where web data is stored doesn't merely get a chance to pollute your web server with fake content, as bad as that would be on its own. Despite several weeks of urgent warnings, not least from Naked Security, there are still plenty of unpatched servers out there just waiting to get pwned.

Over 600,000 stolen credit cards leaked after Swarmshop hack
2021-04-08 19:58

The hacking spree targeting underground marketplaces has claimed another victim as a database from card shop Swarmshop emerged on another forum. By the looks of it, the leak contains the records of the entire Swarmshop community along with all the stolen card data traded on the forum.

Senators Press for More on SolarWinds Hack After AP Report
2021-04-07 01:34

Key lawmakers said Tuesday they're concerned they've been kept in the dark about what suspected Russian hackers stole from the federal government and they pressed Biden administration officials for more details about the scope of what's known as the SolarWinds hack. The AP reported last month that suspected Russian hackers gained access to email accounts belonging to the Trump administration's acting homeland security secretary, Chad Wolf, and members of his department's cybersecurity staff whose jobs included hunting threats from foreign countries.