Security News

A phishing campaign targeting users of Outlook Web Access and Office 365 services collected thousands of credentials relying on trusted domains such as SendGrid. Using Zoom invites as a lure and an extensive list of email addresses, the operators of the phishing campaign delivered messages from hacked accounts on the SendGrid cloud-based email delivery platform.

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. Members of all three forums are worried the incidents could serve as a virtual Rosetta Stone for connecting the real-life identities of the same users across multiple crime forums.

The CEO of Gab, a social network favored by the US political right, said the platform had been attacked by "Demon hackers" after an activist group released user data described as an important resource for research on the far right. The activist group called DDoSecrets Collective released the data over the weekend to Wired magazine, claiming it offered "a record of the culture" related to the violent siege of the US Capitol on January 6.

The UK's National Cyber Security Centre is now helping IoT gadget firm FootfallCam Ltd secure product lines following the recent digital burglary of its nursery webcam operation. Company director Melissa Kao confirmed to The Register that the NCSC, a sibling of UK spy agency GCHQ, was helping the company shore up security after its NurseryCam product was hacked last week.

The private sector should be legally obliged to disclose any major hacks of their systems, says Microsoft's president and top lawyer Brad Smith. While only Smith was willing to say categorically that it was Russia, FireEye's CEO Kevin Mandia noted that following an intensive investigation by his team, which included looking for clues in reams of decompiled code, they had concluded that the hack was "Not consistent with China, North Korea or Iran, and was most consistent with Russia."

The private sector should be legally obliged to disclose any major hacks of their systems, says Microsoft's president and top lawyer Brad Smith. While only Smith was willing to say categorically that it was Russia, FireEye's CEO Kevin Mandia noted that following an intensive investigation by his team, which included looking for clues in reams of decompiled code, they had concluded that the hack was "Not consistent with China, North Korea or Iran, and was most consistent with Russia."

Daycare camera product NurseryCam was hacked late last week with the person behind the digital break-in coming forward to tip us off. News of NurseryCam's compromise was conveyed to the company by The Register just after 5pm on Friday, leading the firm to tell parents: "On 17:18 Friday 19th February 2021, it has come to our attention of a cyber incident detected in our NurseryCam system."

Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its workforce amid healthy profits. Last month Mimecast revealed that one of its cryptographic certificates was purloined by the same team that smuggled a hidden backdoor into SolarWinds' Orion network monitoring software.

Reg reader Andy told us: "Got an email from SitePoint this morning saying that they had been hacked and some non-important stuff like names, email addresses, hashed passwords etc might have been stolen. Coincided with a big increase in spam that I've been getting but that's probably coincidence." An email sent to SitePoint users and seen by The Register confirmed the hack, though at the time of writing, the company has not published anything about it on its website or social media accounts.

Facebook told KrebsOnSecurity it seized hundreds of accounts - mainly on Instagram - that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion, SIM swapping, and swatting. THE MIDDLEMEN. Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales.