Malwarebytes Targeted by SolarWinds Hackers
On Tuesday, Cybersecurity firm Malwarebytes conceded that it was targeted by the same hackers responsible for the SolarWinds attack, in which suspected Russian nation-state hackers compromised the systems of the IT management company in a sophisticated supply chain attack. Although Malwarebytes has not used any SolarWinds products, an internal investigation
DNSpooq Flaws Allow DNS Hijacking of Millions of Devices
Cyber researchers have found a set of seven flaws in the open-source software Dnsmasq. The vulnerabilities could allow for Domain Name System (DNS) cache poisoning attacks and remote code execution. Dnsmasq is a popular service used to catch DNS responses for both home and commercial routers and servers. The flaws
The aftermath of the SolarWinds breach: Organizations need to be more vigilant
In the wake of the SolarWinds breach in which several key US agencies were hacked in an espionage campaign likely perpetrated by Russian actors, security experts are voicing concerns regarding how organizations manage and implement cybersecurity best practices. It may be necessary for entities to change how they vet vendors
A Chinese hacking group is stealing airline passenger details
The Chinese hacking group referred to as Chimera has allegedly been stealing airline passenger details over the past few years with the goal of tracking the movement of persons of interest. Chimera has been tracked by cybersecurity groups and is believed to be operating in the interest of the Chinese
Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’
Microsoft is allegedly pushing a domain controller “enforcement mode” by default to help mitigate the threat posed by the critical Zerologon flaw. Microsoft is aiming to force all companies to update their systems and address the flaw, as it represents a severe security risk to businesses, agencies, and organizations. Microsoft
Livecoin slams its doors shut after failing to recover from hack, financial loss
The Russian cryptocurrency exchange company Livecoin has announced that it is shutting down permanently due to a cyberattack in which cybercriminals took control of Livecoin systems. The cyberattackers were aiming to tamper with exchange values. Exchange rates for currencies such as Bitcoin were changed by thousands of USD. Livecoin requested
UK Accidentally Deletes 150k Arrest Records
An unintentional erasure has plagued the United Kingdom’s government as employees rush to recover data. A technical issue seemingly caused 150,000 arrest records to be wiped from nationwide police databases. Initial investigation has pointed to human error and defective code that earmarked the wrong files for deletion as the culprit.
Google Boots 164 Apps from Play Marketplace for Shady Ad Practices
Google has removed roughly 164 malicious Andriod apps that have been downloaded a total of 10 million times from its Google Play marketplace. Google’s reasoning behind removing the apps is that they were delivering malicious and disruptive advertisements. The move is similar to last year’s crackdown on out-of-context ads. The
NSA Appoints Rob Joyce as Cyber Director
US cybersecurity official Rob Joyce has been named the new leader of the National Security Agency’s (NSA) Cybersecurity Directorate. Joyce was previously the NSA’s top representative in the UK. Joyce will replace Anne Neuberger, who was recently appointed Deputy National Security Advisor for Cyber and Emerging Technology on the National
Ongoing ransomware attack leaves systems badly affected, says Scottish environment agency
The Scottish Environment Protection Agency (SEPA) confirmed this week that they are still struggling to mend systems after a ransomware attack hit the agency last month. SEPA stated that its contact center, internal systems, processes, and internal communications have all been impacted by the attack. The attack occurred on Christmas