Security News

UPDATE. CD Projekt Red, the videogame-development company behind Cyberpunk 2077 and the wildly popular Witcher series, has suffered a ransomware attack that could soon result in troves of company data being dumped online - including game source code. The news comes on the heels of weeks of controversy over the company's blockbuster release of Cyberpunk 2077, which suffered glitches and console problems that engendered high levels of dissatisfaction among fans, who had waited more than a year for the much-hyped giant sandbox game.

Cybercriminals have been using a novel approach to exfiltrate data that involves directly injecting malicious Google Chrome extensions onto victims' Windows machines via the abuse of Google's cloud synching function. The malicious add-on is disguised as a "Forcepoint Endpoint Chrome Extension for Windows," with the attackers using the security company's logo to enhance an air of legitimacy.

British prosecutors can make use of evidence gathered by the French and Dutch police from encrypted messaging service EncroChat's servers thanks to a legal interpretation of whether RAM counts as data storage, the Court of Appeal has ruled. Multiple reporting restriction orders are in force on most EncroChat cases currently before the criminal courts - though those restrictions are not being applied to police forces and the National Crime Agency, both of which have been boasting since last year about EncroChat-linked arrests and convictions, and even the contents of EncroChat messages.

Simply put, Vanhoof relied on the fact that many older Nespresso setups rely on what's known as a stored-value wireless payment card, something that's similar to but importantly different from a modern credit card. Wireless in this case means that the card uses NFC, short for Near Field Communication, the same underlying technology that's used by credit cards, many modern door security cards and almost all passports issued in the past 10 years.

The sources, who spoke on condition of anonymity to discuss ongoing investigations, said the attackers used computer infrastructure and hacking tools previously deployed by state-backed Chinese cyberspies. While the alleged Russian hackers penetrated deep into SolarWinds network and hid a "Back door" in Orion software updates which were then sent to customers, the suspected Chinese group exploited a separate bug in Orion's code to help spread across networks they had already compromised, the sources said.

The US court system has banned the electronic submission of legal documents in sensitive cases out of concern that Russian hackers have compromised the filing system. The decision follows concerns last month that as a result of the SolarWinds fiasco - in which suspected Kremlin spies gained access to the networks of multiple US government departments via backdoored IT tools - the court system itself may have been hacked, making Highly Sensitive Documents accessible.

"In 2015, Juniper revealed a security breach in which hackers modified the software the company delivered to its customers," a Wyden statement read. "Researchers subsequently discovered that Juniper had been using an NSA-designed encryption algorithm, which experts had long argued contained a backdoor, and that the hackers modified the key to this backdoor." "The American people have a right to know why NSA did not act after the Juniper hack to protect the government from the serious threat posed by supply chain hacks. A similar supply chain hack was used in the recent SolarWinds breach, in which several government agencies were compromised with malware snuck into the company's software updates," the members wrote.

How he'll handle the logistics of the case could feel old school: Under new court rules, he'll have to print out any highly sensitive documents and hand-deliver them to the courthouse. The new rules for filing sensitive documents are one of the clearest ways the hack has affected the court system.

The Mimecast certificate compromise reported earlier in January is part of the sprawling SolarWinds supply-chain attack, the security firm has confirmed. Mimecast joins other cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys in being targeted in the attack.

Stack Overflow, the popular Q&A platform for programmers, this week shared technical information on how its systems were breached back in 2019, and it turns out that the hacker often viewed questions posted on Stack Overflow to learn how to conduct various activities on the compromised systems. The security breach was disclosed by Stack Overflow in mid-May 2019, and a few days later it admitted that the incident resulted in the details of some users being exposed.