Security News

Many Philips Hue smart light bulbs have a firmware flaw that leads hackers into an entire network, Check Point Research found. Security firm Check Point Research has released its findings that many Philips Hue smart light bulbs have a flaw in their firmware, which allows attackers to take control of an individual bulb, push malicious firmware to it, and spread other malicious software throughout a network.

Ekans, a recently discovered ransomware variant that's designed to target industrial control systems, appears to have some of the same characteristics found in Megacortex, malware that struck several high-profile targets in 2019, according to the security firm Dragos. It's also not clear whether the developers behind Eknas plan to target a region or specific organizations that use industrial controls systems, such as oil and gas firms, electric utilities or manufacturing facilities, according to the Dragos report.

TA505 - a sophisticated advanced persistent threat group that has targeted financial companies and retailers in several countries, including the U.S. - has returned with a campaign that uses HTML redirectors to deliver malicious Excel documents, according to Microsoft and other security researchers. This threat group is believed to have caused over $100 million in losses over the years, according to the U.S. Treasury Department, which published a report about the group in December when it issued sanctions against some of its members.

Recently released, eSentire's 2019 Threat Intelligence Report: Perspectives from 2019 and Predictions for 2020 provides visuals, data and written analysis, as well as practical recommendations for readers seeking to understand and better respond to the cybersecurity threat landscape. Nation states: Most nationally sponsored cybersecurity incidents take the form of espionage through data exfiltration.

Last year, SEO spam was the most frequently observed threat on compromised websites, according to a new report from GoDaddy-owned web security company Sucuri. Nearly two-thirds of infected websites had a form of SEO spam present, with database spam being the most prevalent form of infection.

A New York Times reporter apparently was targeted with spyware developed by the NSO Group as part of a campaign that may be linked to a Saudi Arabia group, which has previously been accused of hacking attempts against dissidents, journalists and human rights lawyers, according to the think tank Citizen Lab. The spyware used against the Times reporter likely was Israel-based NSO Group's Pegasus, which has been used by governments around the world to target journalists, activists and protestors, according to the new Citizen Lab report.

The United Nations headquarters in New York as well as the U.N.'s sprawling Palais des Nations compound in Geneva, its European headquarters, did not immediately respond to questions from the AP about the incident. The internal document from the U.N. Office of Information and Technology said 42 servers were "Compromised" and another 25 were deemed "Suspicious," nearly all at the sprawling United Nations offices in Geneva and Vienna.

The NHS has suffered 209 successful ransomware attacks since 2014, according to new figures based on Freedom of Information requests, but with a dramatic improvement since 2017, the year WannaCry ransomware hit the health service. The WannaCry attack in 2017 - famously thwarted by Brit white hat hacker Marcus Hutchins - caused a spike to 101 incidents and we know many of these were severe.

A spear-phishing campaign targeted a U.S. government agency for several months last year using emails with content about North Korea geopolitics as a lure, according to an analysis from Palo Alto Networks' Unit 42. It targeted five employees at a U.S. government agency - which the report did not identify - as well as two foreign nationals who had professional ties to North Korea, according to the Unit 42 report.

U.K. officials are considering a proposal to allow China's Huawei to play a limited role in providing certain equipment for the country's 5G rollout, which would defy calls from the U.S. for a complete ban of telecom gear from the company, Reuters reports. Britain's National Security Council, which is chaired by Prime Minister Boris Johnson, is scheduled to meet in the coming days to decide whether to deploy Huawei equipment within the country's 5G networks, according to Reuters, which cited unnamed U.K. government sources.