Security News

RAF shoots down 'terrorist drone' over US-owned special ops base in Syria
2021-12-17 15:29

The RAF has scored its first air-to-air "kill" - where an aircraft downs an enemy aircraft - for almost 40 years after shooting down a drone over Syria. "The engagement took place on 14 December when the drone activity was detected above the Al Tanf Coalition base in Syria," said the MoD. "RAF Typhoons conducting routine patrols in the area were tasked to investigate."

As CISA tells US govt agencies to squash Log4j bug by Dec 24, fingers start pointing at China, Iran, others
2021-12-15 23:31

Microsoft reckons government cyber-spies in China, Iran, North Korea, and Turkey are actively exploiting the Log4j 2.x remote-code execution hole. It's interesting this is coming to light as the US government's Cybersecurity and Infrastructure Security Agency tells all federal civilian agencies to take care of CVE-2021-44228 by December 24, 2021.

US lawmakers want to put NSO Group, 3 other spyware makers out of business with fresh severe sanctions
2021-12-15 20:50

Eighteen US Democratic lawmakers have asked the Treasury Department and State Department to punish Israel-based spyware maker NSO Group and three other surveillance software firms for enabling human rights abuses. In a letter [PDF] signed by US Senator Ron Wyden, House Intelligence Committee Chairman Adam Schiff, and 16 others, the legislators urge Secretary of the Treasury Janet Yellen and Secretary of State Antony Blinken to apply sanctions to the NSO Group, UAE-based DarkMatter Group, and EU-based Nexa Technologies and Trovicor, under the Global Magnitsky Act.

Ukraine arrests 51 for selling data of 300 million people in US, EU
2021-12-13 14:09

Ukrainian law enforcement arrested 51 suspects believed to have been selling, on hacking forums, stolen personal data belonging to hundreds of millions of people worldwide, including in Ukraine, the US, and Europe. "As a result of the operation, about 100 databases of personal data relevant for 2020-2021 were seized," the Cyberpolice Department of the National Police of Ukraine said.

NSO Group’s Pegasus Spyware Used Against US State Department Officials
2021-12-13 12:16

NSO Group's descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees.

Canadian charged with running ransomware attack on US state of Alaska
2021-12-08 19:02

A Canadian man is accused of masterminding ransomware attacks that caused "damage" to systems belonging to the US state of Alaska. A federal indictment against Matthew Philbert, 31, of Ottawa, was unsealed yesterday, and he was concurrently charged by the Canadian authorities with a number of other criminal offences.

US universities targeted by Office 365 phishing attacks
2021-12-07 20:23

US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials. These campaigns are believed to be conducted by multiple threat actors starting in October 2021, with Proofpoint sharing details on the tactics, techniques, and procedures used in the phishing attacks.

US State Dept employees’ phones hacked using NSO spyware
2021-12-03 17:55

Apple has warned at least nine US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group. "On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have," an NSO spokesperson separately told Motherboard.

FBI: Cuba ransomware breached 49 US critical infrastructure orgs
2021-12-03 17:16

The Federal Bureau of Investigation has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors. "The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors," the federal law enforcement agency said.

EwDoor botnet targets AT&T network edge devices at US firms
2021-11-30 17:26

A recently discovered botnet is attacking unpatched AT&T enterprise network edge devices using exploits for a four-year-old, critical-severity blind command injection security flaw. The botnet, dubbed EwDoor by researchers at Qihoo 360's Network Security Research Lab, targets AT&T customers using EdgeMarc Enterprise Session Border Controller edge devices.