Security News

US Census Bureau servers were breached on January 11, 2020, by hackers after exploiting an unpatched Citrix ADC zero-day vulnerability, as the US Office of Inspector General disclosed in a recent report. "The purpose of these servers was to provide the Bureau with remote-access capabilities for its enterprise staff to access the production, development, and lab networks. According to system personnel, these servers did not provide access to 2020 decennial census networks," the OIG said.

The mysterious thief who stole $600m-plus in cryptocurrencies from Poly Network has been offered the role of Chief Security Advisor at the Chinese blockchain biz. After Poly Network urged netizens, cryptoexchanges, and miners to reject transactions involving the thief's wallet addresses, the crook started giving the digital money back - and at least $260m of tokens have been returned.

T-Mobile US has begun admitting to the theft of 100 million user accounts in stages, confessing overnight that 8 million people's personal details had been stolen from its servers. In a statement the American mobile operator said: "Yesterday, we were able to verify that a subset of T-Mobile data had been accessed by unauthorized individuals. We also began coordination with law enforcement as our forensic investigation continued."

British defence tech specialist Ultra Electronics has been bought for £2.6bn by a US private equity firm, through a wholly owned UK subsidiary that was itself once a proud standalone business. Ultra's acquisition by Cobham Group plc, owned by US fund Advent International, sees the defence firm's shareholders receive £35 per share - as well as ownership of the critical Royal Navy supplier passing to a foreign entity, albeit one headquartered in an allied country.

T-Mobile US is investigating claims that highly sensitive personal data of 100 million customers has been stolen and peddled via the dark web. The seller said it's likely T-Mobile US is up to speed on the security breach because a backdoor used to exfiltrate this data from the telco's servers had been closed.

The incentive for a business to implement a zero-trust architecture should be based on internal mandates, with consideration for how a security breach might impact others outside of the organization. A separate White House memorandum is already pushing critical infrastructure owners and operators to implement baseline security practices to protect national and economic security, as well as public health and safety.

The US Financial Industry Regulatory Authority warns US brokerage firms and brokers of an ongoing phishing campaign impersonating FINRA officials and asking them to hand over sensitive information under the threat of penalties. In a notice issued on Friday, the US financial industry regulator said that the phishing messages are being sent from multiple domains impersonating FINRA official sites.

Julian Assange has lost a legal scrap in court, this time over the US government's attempt to expand its grounds for extraditing him from England to stand trial in America. Uncle Sam is ultimately hoping to overturn a decision made in January blocking Assange's extradition on mental health grounds.

This undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider. In a presentation earlier this week at the Black Hat USA 2021 security conference in Las Vegas, Nevada, Shir Tamari and Ami Luttwak from security firm Wiz, described how they found a DNS name server hijacking flaw that allowed them to spy on the dynamic DNS traffic of other customers.

Y Purdy, CSO for Huawei USA, believes the US needs to be more active in the development of global security standards rather than being aloof. "The US has fundamentally dropped the ball when it comes to participation in global security standards," Purdy told The Register.