Security News

"It's really highlighted the investments we need to make in cybersecurity to have the visibility to block these attacks in the future," Anne Neuberger, the newly appointed deputy national security adviser for cyber and emergency technology said Wednesday at a White House briefing. President Joe Biden plans to release an executive order soon that Neuberger said will include about eight measures intended to address security gaps exposed by the hack.

U.S. authorities are still working to unravel the full scope of the likely Russian hack that gave the "Sophisticated" actor behind the breach complete access to files and email from at least nine government agencies and about 100 private companies, the top White House cybersecurity official said Wednesday. Anne Neuberger, the newly appointed deputy national security adviser for cyber and emerging technology, also warned that the danger has not passed because the hackers breached networks of technology companies whose products could be used to launch additional intrusions.

Ninja Forms, a WordPress plugin used by more than 1 million sites, contains four critical security vulnerabilities that together make it possible for a remote attacker to take over a WordPress site and create various kinds of problems. Ninja Forms offers WordPress site designers the ability to create forms using a drag-and-drop capability, with no coding skills required.

North Korean hackers tried to break into the computer systems of pharmaceutical giant Pfizer in a search for information on a coronavirus vaccine and treatment technology, South Korea's spy agency said Tuesday, according to reports. The impoverished, nuclear-armed North has been under self-imposed isolation since closing its borders in January last year to try to protect itself from the virus that first emerged in neighbouring China and has gone on to sweep the world, killing more than two million people.

Many companies still expose SolarWinds Orion to the internet and have failed to take action following the disclosure of the massive SolarWinds breach, according to RiskRecon, a Mastercard company that specializes in risk assessment. Threat actors believed to be backed by Russia breached Texas-based IT management firm SolarWinds and used that access to deliver a piece of malware named Sunburst to roughly 18,000 customers who had been using the company's Orion monitoring product.

Senators are now demanding more information about the attacker's infiltration of the US court system, which has already been forced to make changes in how documents are filed as a result of the attack. "Highly sensitive documents should be stored in a secure paper filing system or a secure standalone computer system that is not connected to any network, particularly the internet. The AO will provide courts with model language for a standing or general order as well as advice and guidance on how to establish and securely maintain a standalone computer system if a court chooses that option."

On the heels of last week's lye-poisoning attack against a small water plant in Florida, the U.S. government's cybersecurity agency is pleading with critical infrastructure defenders to rip-and-replace Windows 7 from their networks as a matter of urgency. The government's latest appeal, issued via a joint advisory from the Cybersecurity and Infrastructure Security Agency, comes amidst reports that the remote hack of the water plant near Tampa Bay was being blamed on poor password hygiene and attacks on systems running Microsoft's out-of-service Windows 7 operating system.

Researchers say they found several stolen and leaked credentials for a Florida water-treatment plant, which was hacked last week. Researchers at CyberNews said they found 11 credential pairs linked to the Oldsmar water plant, in a 2017 compilation of stolen breach credentials.

The attack, which targeted the water supply in Oldsmar, a small city in Florida, was discovered by staff at the plant - they noticed the mouse moving on the screen - and they rushed to take action before any damage was caused. The attackers breached the facility via TeamViewer, which staff had been using to monitor systems remotely and respond to issues related to the water treatment process.

New details have emerged about the remote computer intrusion at a Florida water treatment facility last Friday, highlighting a lack of adequate security measures needed to bulletproof critical infrastructure environments. The breach involved an unsuccessful attempt on the part of an adversary to increase sodium hydroxide dosage in the water supply to dangerous levels by remotely accessing the SCADA system at the water treatment plant.