Security News
Three former US intelligence and military operatives broke America's weapons export and computer security laws by, among other things, helping the United Arab Emirates hijack and siphon data from people's iPhones, it emerged on Tuesday. US citizens Marc Baier, 49, and Ryan Adams, 34, and ex-citizen Daniel Gericke, 40, were charged [PDF] with using "Illicit, fraudulent, and criminal means, including the use of advanced covert hacking systems that utilized computer exploits obtained from the United States and elsewhere, to gain unauthorized access to protected computers in the United States and elsewhere and to illicitly obtain information ... from victims from around the world."
The questions have gotten more sophisticated and less suspicious. I've noticed a significant uptick in Facebook questions that ask users to answer seemingly innocent questions one wouldn't think could put anyone in danger.
The Jenkins team issued a reminder over the weekend that one should keep one's systems patched as it found itself with a compromised Confluence service. Although the affected instance of Confluence integrated with the company's identity system, the group said: "At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected."
The US Securities and Exchange Commission has warned investors to be "Extremely wary" of potential investment scams related to Hurricane Ida's aftermath. This alert comes from SEC's Office of Investor Education and Advocacy, which regularly issues investor alerts to warn investors about the latest investment frauds and scams.
The massive attack on Microsoft Exchange servers in March may have been China harvesting information to train AI systems, according to US government officials and computer-security experts who talked to NPR. The plundering of these Exchange systems was attributed to Chinese government cyber-spies known as Hafnium; Beijing denied any involvement. It's said the crew exploited four zero-days in Redmond's mail software in a chain to hijack the servers and siphon off data.
The financially motivated FIN8 cybergang used a brand-new backdoor - dubbed Sardonic by the Bitdender researchers who first spotted it - in attempted breaches of networks belonging to two unidentified U.S. financial organizations. It's a nimble newcomer, researchers wrote: "The Sardonic backdoor is extremely potent and has a wide range of capabilities that help the threat actor leverage new malware on the fly without updating components," according to Bitdefender's report.
Executives and leaders from big tech, education, the finance sector, and infrastructure have committed to bolstering US interests' security during yesterday's White House cybersecurity summit. The Biden administration has added natural gas pipelines to the Industrial Control Systems Cybersecurity Initiative, aiming to strengthen critical infrastructure cybersecurity.
In a meeting with President Biden at the White House on Wednesday, Apple, Google, Microsoft and other companies announced their intentions to devote money and training toward strengthening U.S. cybersecurity. As one step, the White House said that the National Institute of Standards and Technology will work with businesses to improve the security of the technology supply chain.
The advanced persistent threat group is new, according to researchers who dubbed it SparklingGoblin. SparklingGoblin, according to ESET researchers who named and discovered the crime group and backdoor, is an offshoot of another APT Winnti Group, first identified in 2013 by Kaspersky.
A financially motivated cybercrime gang has breached and backdoored the network of a US financial organization with a new malware known dubbed Sardonic by Bitdefender researchers who first spotted it. Sardonic is a new C++-based backdoor the FIN8 threat actors deployed on targets' systems likely via social engineering or spear-phishing, two of the group's favorite attack methods.