Security News

In 2019, a Chinese security researcher working with the internet security and antivirus company Qihoo 360 unveiled an intricately woven exploit: One that would allegedly let a remote attacker easily jailbreak an iPhone X iOS 12.1. Allegedly shows, a successful exploit would allow a remote attacker to jailbreak an iPhoneX, with the targeted user none the wiser, allowing the intruder to gain access to a victim's data, processing power and more.

Pulse Secure has fixed a zero-day vulnerability in the Pulse Connect Secure SSL VPN appliance that is being actively exploited to compromise the internal networks of defense firms and govt agencies. A day later, US Cybersecurity and Infrastructure Security Agency issued an emergency directive ordering federal agencies to mitigate the vulnerability within two days by disabling the Windows File Share Browser and Pulse Secure Collaboration features.

The past four months have exposed two high-profile attacks, which both had pundits declaring them the "Worst-ever" and "Unprecedented." They shared other similarities - both attacked businesses rather than individuals, and affected tens of thousands of organizations. The second hack was against Microsoft Exchange servers and had a more familiar trajectory: Attackers found a series of zero-day vulnerabilities that could be chained together to break into any Exchange servers that were internet-accessible - and steal all the emails and files stored on them.

Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems. The issues were discovered by Positive Security researchers Fabian Bräunlein and Lukas Euler and affect apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark, and Mumble.

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure SSL VPN appliance actively exploited in attacks against worldwide organizations and focused on US Defense Industrial base networks. To mitigate the vulnerability tracked as CVE-2021-22893, Pulse Secure advises customers with gateways running PCS 9.0R3 and higher to upgrade the server software to the 9.1R.11.

Latest video - watch now! We look at the recent FBI "webshell hacking" controversy from both sides.

Security response professionals are scrambling to measure the fallout from a software supply chain compromise of Codecov Bash Uploader that went undetected since January and exposed sensitive secrets like tokens, keys and credentials from organizations around the world. The hack occurred four months ago but was only discovered in the wild by a Codecov customer on the morning of April 1, 2021, the company said in a note acknowledging the severity of the breach.

President Biden is putting the final details on a plan to encourage American electric utilities to strengthen their cybersecurity protections against hackers in the next 100 days, amid increasing cyberattacks. The White House push to boost electrical grid security comes in the wake of a report that a full quarter of the 1,500 utilities across North America were infected with the SolarWinds malware, now formally attributed to Russian state actors.

We look at the big-money hacks from the 2021 Pwn2Own competition. We investigate the difficulties of hiring an assassin via the dark web.

Russia's infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country's US embassy. "The Russian Intelligence Services' third arm, the SVR, is responsible for the 2020 exploit of the SolarWinds Orion platform and other information technology infrastructures. This intrusion compromised thousands of US government and private sector networks," said the US Treasury.