Security News
Suspicions about the integrity of Huawei products among US government officials can be attributed in part to a 2012 incident involving a Huawei software update that compromised the network of a major Australian telecom company with malicious code, according to a report published by Bloomberg. The snooping code reportedly deleted itself, but Australia's intelligence services decided China's intelligence services were responsible, "Having infiltrated the ranks of Huawei technicians who helped maintain the equipment and pushed the update to the telecom's systems."
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. "To be clear, this vulnerability poses a severe risk. We will only minimize potential impacts through collaborative efforts between government and the private sector. We urge all organizations to join us in this essential effort and take action," CISA Director Jen Easterly said at the time.
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. The order comes through an emergency directive issued by the Cybersecurity and Infrastructure Security Agency today.
The RAF has scored its first air-to-air "Kill" - where an aircraft downs an enemy aircraft - for almost 40 years after shooting down a drone over Syria. "The engagement took place on 14 December when the drone activity was detected above the Al Tanf Coalition base in Syria," said the MoD. "RAF Typhoons conducting routine patrols in the area were tasked to investigate."
Microsoft reckons government cyber-spies in China, Iran, North Korea, and Turkey are actively exploiting the Log4j 2.x remote-code execution hole. It's interesting this is coming to light as the US government's Cybersecurity and Infrastructure Security Agency tells all federal civilian agencies to take care of CVE-2021-44228 by December 24, 2021.
Eighteen US Democratic lawmakers have asked the Treasury Department and State Department to punish Israel-based spyware maker NSO Group and three other surveillance software firms for enabling human rights abuses. In a letter [PDF] signed by US Senator Ron Wyden, House Intelligence Committee Chairman Adam Schiff, and 16 others, the legislators urge Secretary of the Treasury Janet Yellen and Secretary of State Antony Blinken to apply sanctions to the NSO Group, UAE-based DarkMatter Group, and EU-based Nexa Technologies and Trovicor, under the Global Magnitsky Act.
Ukrainian law enforcement arrested 51 suspects believed to have been selling stolen personal data on hacking forums belonging to hundreds of millions worldwide, including Ukraine, the US, and Europe. "As a result of the operation, about 100 databases of personal data relevant for 2020-2021 were seized," the Cyberpolice Department of the National Police of Ukraine said.
NSO Group's descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees.
A Canadian man is accused of masterminding ransomware attacks that caused "Damage" to systems belonging to the US state of Alaska. A federal indictment against Matthew Philbert, 31, of Ottawa, was unsealed yesterday, and he was also concurrently charged by the Canadian authorities with a number of other criminal offences at the same time.
US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials. These campaigns are believed to be conducted by multiple threat actors starting in October 2021, with Proofpoint sharing details on the tactics, techniques, and procedures used in the phishing attacks.