Security News
The BlackByte ransomware gang is now breaching corporate networks by exploiting Microsoft Exchange servers using the ProxyShell vulnerabilities. Since researchers disclosed the vulnerabilities, threat actors have begun to exploit them to breach servers and install web shells, coin miners, and ransomware.
The UK's National Cyber Security Centre says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal customers' payment info. In Magecart attacks, threat actors inject scripts known as credit card skimmers into compromised online stores to harvest and steal the payment and/or personal info submitted by customers at the checkout page.
Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. TrendMicro researchers have discovered an interesting tactic used of distributing malicious email to a company's internal users using the victim's compromised Microsoft exchange servers.
A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for restoration. The researchers discovered that the websites had not been encrypted, but rather the threat actors modified an installed WordPress plugin to display a ransom note and countdown when.
The U.S. Federal Bureau of Investigation on Saturday confirmed unidentified threat actors have breached one of its email servers to blast hoax messages about a fake "Sophisticated chain attack." "Vinny Troia wrote a book revealing information about hacking group TheDarkOverlord. Shortly after, someone began erasing ElasticSearch clusters leaving behind his name. Later his Twitter was hacked, then his website. Now a hacked FBI email server is sending this," Hutchins tweeted.
The Federal Bureau of Investigation email servers were hacked to distribute spam email impersonating FBI warnings that the recipients' network was breached and data was stolen. The emails pretended to warn about a "Sophisticated chain attack" from an advanced threat actor known, who they identify as Vinny Troia.
Trend Micro's ZDI has awarded $1,081,250 for 61 zero-days exploited at Pwn2Own Austin 2021, with competitors successfully pwning the Samsung Galaxy S21 again and hacking an HP LaserJet printer to play AC/DC's Thunderstruck on the contest's third day. Sam Thomas from team Pentest Limited was the one who compromised the Samsung Galaxy S21 running the latest Android 11 security updates on the third day using a unique three-bug chain and earning $50,000.
Contestants hacked the Samsung Galaxy S21 smartphone during the second day of the Pwn2Own Austin 2021 competition, as well as routers, NAS devices, speakers, and printers from Cisco, TP-Link, Western Digital, Sonos, Canon, Lexmark, and HP. So far, Trend Micro's Zero Day Initiative has awarded $777,500 over the first two days of Pwn2Own Austin, with $415,000 awarded during the second day and $362,500 won during the first day. The Synacktiv team maintains a slight lead in the Master of Pwn standings with 15 Master of Pwn points and $150,000 won so far, one point ahead of the DEVCORE team that has 14 points and has earned $140,000.
During the first day of Pwn2Own Austin 2021, contestants won $362,500 after exploiting previously unknown security flaws to hack printers, routers, NAS devices, and speakers from Canon, HP, Western Digital, Cisco, Sonos, TP-Link, and NETGEAR. At Pwn2Own Austin, security researchers will target mobile phones, printers, routers, network-attached storage, smart speakers, televisions, external storage, and other devices, all up to date and in their default configuration. Pwn2Own Austin's consumer-focused event was extended to four days after 22 different contestants registered for 58 total entries.
The U.S. Attorney's Office for the Southern District of New York has charged a man for illegally streaming MLB, NBA, NFL, and NHL games via the web and hacking into sports leagues' customer accounts. The charged individual is Joshua Streit, 30, of Minnesota, who allegedly streamed illegal re-broadcasts of major American sports leagues, including the Major League Baseball, National Basketball Association, National Football League, and the National Hockey League.