Security News

Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes. The investigation revealed that the employee's actions led to the compromise of almost 5,000 Yandex email inboxes.

Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes. The investigation revealed that the employee's actions led to the compromise of almost 5,000 Yandex email inboxes.

"Network connections employing obsolete protocols are at an elevated risk of exploitation by adversaries. As a result, all systems should avoid using obsolete configurations for TLS and SSL protocols." The NSA's alert adds on to an existing collective push for updating TLS protocols, with some of the biggest standards bodies and regulators mandating that web server operators ensure they move to TLS 1.2 before the end of 2020.

VMware has published a series of workarounds for critical command injection vulnerabilities in its Workspace One Access, Access Connector, Identity Manager and Identity Manager Connector products. A command injection vuln could allow malicious people who have network access to the "Administrative configurator on port 8443" together with "a valid password for the configurator admin account" to execute commands with "Unrestricted privileges on the underlying operating system," said VMware.

Infosec biz F-Secure has uncovered a North Korean phishing campaign that targeted a sysadmin with a fake Linkedin job advert using a General Data Protection Regulation themed lure. The sysadmin worked for a cryptocurrency business, said the threat intel firm, which made him a ripe target for the money-hungry state hackers Lazarus Group, aka APT38, supposedly backed by North Korea.

"The Vollgar attack chain also demonstrates the competitive nature of the attacker, who diligently and thoroughly kills other threat actors' processes," the firm said in a statement. Lead researcher Ophir Harpaz said in a research report: "Overall, Vollgar attacks originated in more than 120 IP addresses, the vast majority of which are in China. These are most likely compromised machines, repurposed to scan and infect new victims."

The extraordinary trial of a former CIA sysadmin accusing of leaking top-secret hacking tools to WikiLeaks has ended in a mistrial. Some of those motions will ask for information from the prosecution that was kept from her during the trial, most controversially the case of "Michael," a co-worker of Schulte who was put on administrative leave by the CIA when evidence emerged linking him to the theft of the Vault 7 hacking tools.

Oracle has released a sweeping set of security patches across the breadth of its software line. The January update, delivered one day after Microsoft, Intel, Adobe, and others dropped their scheduled monthly patches, addresses a total of 334 security vulnerabilities across 93 different products from the enterprise giant.

GCHQ offshoot says be on your guard Cybercrims are still likely to affect universities and other educational institutions online with ransomware, reckons GCHQ offshoot the National Cyber Security Centre.…

Fedir Oleksiyovich Hladyr is the first member of the infamous cybercrime network to be found guilty of hacking-related crimes in a US court.