Security News
The COVID-19 pandemic continued to influence the cybercrime landscape in 2020, ESET reveals. Most notably, the new attack surface created by the shift to work from home brought further growth of Remote Desktop Protocol attacks, albeit at a slower rate compared to previous quarters.
Two new Android surveillanceware families have been found to target military, nuclear, and election entities in Pakistan and Kashmir as part of a pro-India, state-sponsored hacking campaign. "Some notable targets included an individual who applied for a position at the Pakistan Atomic Energy Commission, individuals with numerous contacts in the Pakistan Air Force, as well as officers responsible for electoral rolls located in the Pulwama district of Kashmir," the researchers said in a Wednesday analysis.
A researcher managed to breach over 35 major companies' internal systems, including Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, in a novel software supply chain attack. Unlike traditional typosquatting attacks that rely on social engineering tactics or the victim misspelling a package name, this particular supply chain attack is more sophisticated as it needed no action by the victim, who automatically received the malicious packages.
A researcher managed to breach over 35 major companies' internal systems, including Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, in a novel software supply chain attack. Unlike traditional typosquatting attacks that rely on social engineering tactics or the victim misspelling a package name, this particular supply chain attack is more sophisticated as it needed no action by the victim, who automatically received the malicious packages.
Social media is increasingly used to spread fake news. The same problem can be found on the capital market - criminals spread fake news about companies in order to manipulate share prices.
Microsoft has suspended free trials of their newly launched Windows 365 Cloud PC service after running out of available servers. Windows 11's October 2021 release date hinted in support docs.
An Internet Explorer zero-day vulnerability has been discovered used in recent North Korean attacks against security and vulnerability researchers. Last month, Google disclosed that the North Korean state-sponsored hacking group known as Lazarus was conducting social engineering attacks against security researchers.
Simply put, Vanhoof relied on the fact that many older Nespresso setups rely on what's known as a stored-value wireless payment card, something that's similar to but importantly different from a modern credit card. Wireless in this case means that the card uses NFC, short for Near Field Communication, the same underlying technology that's used by credit cards, many modern door security cards and almost all passports issued in the past 10 years.
As if that supply chain attack wasn't bad enough, SolarWinds has had to patch its Orion software again after eagle-eyed researchers discovered fresh vulnerabilities - including one that can be exploited to achieve remote code execution. Ziv Mador, security research veep at Trustwave, the firm that found the flaws, told The Register: "It's very severe, not only because of the ability to run unauthorized code on the Orion platform, but also because anyone on the network, not even someone that has [no] access to that server, can do that."
Microsoft has attributed a recently discovered campaign to target security researchers with custom malware through elaborate socially-engineered attacks to an APT group affiliated with North Korea-linked Lazarus Group. Given Microsoft's connection to the attacks, researchers from the Microsoft 365 Defender Threat Intelligence Team revealed Thursday in a blog post what they have seen of the campaign.