Security News

A Florida teen accused of masterminding the hacks of several high-profile Twitter accounts last summer as part of a widespread cryptocurrency scam pled guilty to fraud charges in exchange for a three-year prison sentence. On July 15, 2020, Twitter suffered one of the biggest security lapses in its history after the attackers managed to hijack nearly 130 high-profile Twitter accounts pertaining to politicians, celebrities, and musicians, including that of Barack Obama, Kanye West, Joe Biden, Bill Gates, Elon Musk, Jeff Bezos, Warren Buffett, Uber, and Apple.

A 17-year-old high school senior along with her mother, Laura Rose Carroll, were arrested this week, charged with accessing student records in a fraudulent attempt to rig her school's Homecoming Queen election. The same district where her daughter attended Tate High School, the Washington Post reported.

The emergency patches for the recently disclosed critical vulnerabilities in Microsoft Exchange email server did not come soon enough and organizations had little time to prepare before en masse exploitation began. With patches released and proof-of-concept exploit code surfacing online, thousands of Microsoft Exchange servers worldwide continue to remain vulnerable and the number of attacks is still at a worrying level.

Swiss authorities on Monday confirmed a police raid at the home of a Swiss software engineer who took credit for helping to break into a U.S. security-camera company's online networks, part of what the activist hacker cited as an effort to raise awareness about the dangers of mass surveillance. The Federal Office of Justice said regional police in central Lucerne, acting on a legal assistance request from U.S. authorities, on Friday carried out a house search involving hacker Tillie Kottmann.

Veracode announced the launch of the Veracode Hacker Games. The two-week collegiate competition will challenge computer science and cybersecurity student teams from eight leading universities across the U.S. and the U.K., including University of Virginia, Tufts and University of Warwick, to test their secure coding skills and give them the opportunity to win individual prizes, plus $15,000 in charitable donations for the top universities.

The Biden administration is not planning to step up government surveillance of the U.S. internet even as state-backed foreign hackers and cybercriminals increasingly use it to evade detection, a senior administration official said Friday. The official said the administration, mindful of the privacy and civil liberties implications that could arise, is not currently seeking additional authority to monitor U.S.-based networks.

Commentary: Enterprises try their best to secure their data, but running on-premises mail servers arguably doesn't do this. We can have a debate about how soon enterprises should embrace cloud.

According to Bloomberg, one of the hacking crew, Tillie Kottmann, claimed to have accessed cloud-based camera surveillance company Verkada and found themselves face-to-face with a huge swathe of internal data. This data apparently included real-time feeds from up to 150,000 surveillance cameras at Verkada customer sites, as well as other real-time information such as access control data from Verkada customers.

The potentially devastating hack of Microsoft email servers, the second major cyberattack in months, adds pressure to the Biden administration as it weighs options for "Hacking back" or other moves to protect cyberspace. The latest hack exploiting flaws in Microsoft Exchange service is believed to have affected at least 30,000 US organizations including local governments and was attributed to an "Unusually aggressive" Chinese cyberespionage campaign.

With regards your question, I'm going to answer it in a bit more depth as there is a lot many realy do not realise both from a defenders and attackers point of view. The level of the attack signal rises and the level of the signals uncorrelated with the Zero Day attack go down do not remain covery long when you can "Go back in time" repeatedly with "Collect it All" databases.