Security News

T-Mobile has confirmed that threat actors hacked their servers in a recent cyber attack but still investigate whether customer data was stolen.Yesterday, news broke that a threat actor was selling the alleged personal data for 100 million T-Mobile customers after they breached database servers operated by the mobile network.

A large number of IoT systems could be exposed to remote hacker attacks due to serious vulnerabilities found in software development kits provided to device manufacturers by Taiwan-based semiconductor company Realtek. Firmware security company IoT Inspector said its researchers have identified more than a dozen vulnerabilities in SDKs provided by Realtek to companies that use its RTL8xxx chips.

Threat actors are actively exploiting Microsoft Exchange servers using the ProxyShell vulnerability to install backdoors for later access. ProxyShell is the name of an attack that uses three chained Microsoft Exchange vulnerabilities to perform unauthenticated, remote code execution.

" Home and small business routers under attack. The Navajo Nation's selfless cryptographic contribution to America.

All the malicious emails were sent via the Constant Contact mailing service using the compromised account of the United States Agency for International Development. "Analysis of the email headers revealed that the messages originated from Mailgun servers and passed email authentication for chipotle[.]com," says Inky.

The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors' offices around the country last year, the Justice Department said. The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached.

Hackers have compromised an email marketing account belonging to the Chipotle food chain and used it to send out phishing emails, luring recipients to malicious links. The campaign sent out in three days at least 120 malicious emails from a hacked Mailgun account used by Chipotle for email marketing purposes.

The French National Agency for the Security of Information Systems on Wednesday issued an alert to warn organizations that a threat group tracked as APT31 has been abusing compromised routers in its recent attacks. The agency has shared indicators of compromise to help organizations detect potential attacks.

The U.S. Cybersecurity and Infrastructure Security Agency released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by antivirus products. Today, CISA published analysis reports for 13 malware pieces, some of them comprised of multiple files, found on compromised Pulse Secure devices.

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware - used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others - was hacked. Most interesting is a list of over 50,000 phone numbers that were being spied on by NSO Group's software.