Security News

On Thursday this week, we're holding a free webinar in which we'll give you a live explanation and demonstration of the "Follina" vulnerability. Although this bug is fairly easy to deal with, it nevertheless tells a fascinating story.

Russia and China have each warned the United States that the offensive cyber-ops it ran to support Ukraine were acts of aggression that invite reprisal. The US has acknowledged it assisted Ukraine to shore up its cyber defences, conducted information operations, and took offensive actions during Russia's illegal invasion.

A heightened state of defensive cyber security posture is the new normal, according to federal cyber security chiefs speaking at the RSA Conference on Tuesday. "There'll never be a time when we don't defend ourselves - especially in cyberspace," National Cyber Director Chris Inglis said, referencing an opinion piece that he and CISA director Jen Easterly published earlier this week that described CISA's Shields Up initiative as the new normal.

SSNDOB, an online marketplace that sold the names, social security numbers, and dates of birth of approximately 24 million US people, has been taken offline following an international law enforcement operation. The SSNDOB marketplace consisted of multiple sites acting as mirrors of each other to aid in preventing DDoS attacks or law enforcement operations.

Several US federal agencies today revealed that Chinese-backed threat actors have targeted and compromised major telecommunications companies and network service providers to steal credentials and harvest data. "Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting," the advisory explains.

Two two American gun shops, Rainier Arms and Numrich Gun Parts, that operate e-commerce sites have disclosed data breaches resulting from card skimmer infections on their sites. Credit card skimmers are malicious JavaScript code either embedded on the sites or fetched from a remote resource by a seemingly innocuous element, such as a favicon.

European governments and US local governments were the targets of a phishing campaign using malicious Rich Text Format documents designed to exploit a critical Windows zero-day vulnerability known as Follina. BleepingComputer is aware of local governments in at least two US states that were targeted by this phishing campaign.

America's military conducted offensive cyber operations to support Ukraine in its response to Russia's illegal invasion, US Cyber Command chief General Paul Nakasone has said. "The US brings to bear the formidable capabilities of Cyber Command against rogue nation states. Cyberspace is a new domain for warfare."

Several U.S. federal agencies warned organizations today against paying ransom demands made by the Karakurt gang since that will not prevent their stolen data from being sold to others. Karakurt, the data extortion arm of the Conti ransomware gang and cybercrime syndicate, is focused on stealing data from companies since at least June 2021 and forcing them into paying ransoms under the threat of publishing the information online.

New Jersey, was hit by a ransomware attack this week that hobbled its ability to conduct business, and also cut off access to essential data. The attack, which happened on Tuesday, took down email services for county government departments as well as leaving the county clerk's office "Unable to provide most services which are reliant on internet access." Somerset County residents were asked to contact government offices via Gmail addresses set up for various departments, or via phone.