Malware Group Leaks Millions of Stolen Authentication Cookies
After Elasticsearch left a server exposed without a password, a malware group infected the server with a strain that stole hundreds of thousands of passwords and millions of authentication cookies, then leaked that data online for more than a month. During this time, thieves had access to login credentials, credit card information, cryptocurrency wallets and browser data.
Scientists Admit Spectre Attacks Still Cause Vulnerabilities
Many thought we’d solved the problems brought to light by Spectre, the hardware flaw that made computers vulnerable to attack back in 2018, simply by patching devices. But as computer scientists at the University of Virginia discovered this week, patching is not nearly enough, because hackers can still get in and exploit the flaw using something called a “micro-op cache.” The industry has been all atwitter about it this week, after the team released their paper, “I See Dead µops: Leaking Secrets via Intel/AMD Micro-Op Caches.”
Cyberattack on Password Company Passwordstate Jeopardizes 30,000 Customers
Australian software company Passwordstate emailed customers last week, warning them to ‘reset all passwords’ after attackers compromised the system to steal passwords from users connecting to networked devices such as VPNs, internal databases and more.
CISA Releases Alert on Exploitation of Pulse Connect Secure Vulnerabilities
CISA is aware of ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities compromising U.S. government agencies, critical infrastructure entities, and private sector organizations.
How the Russians Enabled the SolarWinds Attack
Russian hackers exploited gaps in U.S. defenses and spent months in government and corporate networks in one of the most effective cyber espionage campaigns of all time. This is how they did it.
Iran vows ‘revenge’ against Israel after nuclear site blackout
Tehran is blaming Israel for a recent cyberattack on the Natanz nuclear facility that, according to an Israeli media outlet, was targeted by the Mossad. The shutdown happened hours after the Natanz reactor’s new centrifuges were started.
Microsoft says it’s time to start worrying more about firmware attacks
Businesses are too busy patching to worry about firmware attacks, according to a Microsoft-commissioned study. Microsoft’s inaugural Security Signals report for March 2021 shows that 80% of enterprises have experienced one firmware attack during the past two years, but less than a third of security budgets are dedicated to protecting firmware.
83% of Businesses Have Experienced Recent Firmware Attacks
According to Microsoft, more than 80% of enterprises have experienced at least one firmware attack in the past two years, but only 29% of security budgets are allocated to protecting firmware.
Hackers use Backdoor to Unleash Massive Ubiquiti Breach
Krebs reports on how hackers infiltrated devices at IoT vendor Ubiquiti, gaining backdoor access to Ubiquiti’s AWS cloud service servers. That access could have allowed intruders to authenticate on countless Ubiquiti devices globally, but the company responded quickly to avoid disaster, though not without lessons…