Security News

Dubbed 'PerSwaysion,' the newly spotted cyberattack campaign leveraged Microsoft file-sharing services-including Sway, SharePoint, and OneNote-to launch highly targeted phishing attacks. According to a report Group-IB Threat Intelligence team published today and shared with The Hacker News, PerSwaysion operations attacked executives of more than 150 companies around the world, primarily with businesses in finance, law, and real estate sectors.

Sophos XG Firewall hacked in the wild - hotfix available. Sophos has rushed out a hotfix for its XG Firewall products to close an SQL injection vulnerability - after hackers were spotted exploiting the hole in the wild.

Hackers working on behalf of the Vietnamese government attempted to break into Chinese organisations heading up the country's coronavirus response, according to infosec outfit FireEye. APT32, a hacking group previously linked to the Vietnamese government, tried to access the personal and professional email addresses of staff at China's Ministry of Emergency Management and the government of Wuhan, where it is believed the pandemic started, according to a report released by FireEye yesterday.

Independent record label Burning Shed has informed musos of a digital burglary involving the partial theft of its customer database, though no payment records were accessed. The advice to customers with poor security hygiene is that if they used their Burning Shed password on multiple accounts with different vendors, do the right thing immediately and update them.

The fact ís that yoü were ínfected wíth malware throügh an adült síte that yoü vísíted. Íf yoü are not famílíar wíth thís, wíll explaín.

The Terbium team reckons that these guides, which help newbie crooks through the process of things like setting up bank fronts, crafting phishing emails and stealing money out of victim accounts, make up just under half of all data transactions on the store. "What they have in common is detailed information on how to export an organization's current policies," Terbium Labs said of the guides.

The San Francisco International Airport disclosed this week two of its websites had been hacked and lead to the disclosure of some users' login credentials at both sites. "The attackers inserted malicious computer code on these websites to steal some users' login credentials," according to a message posted to both site's homepages by the SFO's Airport Information Technology and Telecommunications director.

Sophos experts discuss the biggest cybersecurity stories of the last week.

Dan Patterson speaks to cybersecurity expert Robert Lee about the capabilities of Russian hackers as well as the risks IoT and industrial IoT pose to smart cities. CNET and CBS News Senior Producer Dan Patterson spoke with cybersecurity company Dragos, Inc., Founder and CEO Robert Lee about the risks emerging technologies like IoT pose to smart cities and their infrastructures as well as Russia's involvement with hacking US elections.

Dragos, Inc., Founder & CEO Robert Lee talks to Dan Patterson about the risks of IoT as well as the capabilities of Russian hackers.