Treasury Department slaps sanctions on IT security firms that it says helped Russia’s Foreign Intelligence Service carry out the attacks. The Biden administration Thursday officially blamed Russia’s Foreign Intelligence Service, SVR, for the cyberattack on SolarWinds and announced sanctions against a handful of IT security firms for helping enable that […]
Hacks & Attacks
As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites. Shifts in consumer activity due to the coronavirus pandemic altered the activity of automated software programs, also known as bots, in 2020, according to a new […]
There was also a sharp increase in overall malware volumes in the fourth quarter of 2020, COVID-19 related attack activity, and mobile malware, new data shows. For security teams, there was a lot more of everything to defend against in the final quarter of 2020 compared to previous months. PowerShell […]
Enterprise Vulnerabilities, from DHS/US-CERT’s National Vulnerability Database. CVE-2021-23281 (published 2021-04-13): Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM software does not sanitize the date provided via coverterCheckList action in meta_driver_srv.js class. Attackers can send a specially crafted packet to make IPM connect to […]
A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan. Microsoft has warned organizations of a new attack campaign that uses legitimate website contact forms to deliver malicious links to businesses via emails containing fake legal threats. Websites typically have contact forms to […]
Researchers build a model to attribute attacks to specific groups based on tactics, techniques and procedures, and then figure out their next move. Microsoft is developing ways to use machine learning to turn attackers’ specific approaches to compromising targeted systems into models of behavior that can be used to automate […]
Enterprise Vulnerabilities, from DHS/US-CERT’s National Vulnerability Database. CVE-2021-25373 (published 2021-04-09): Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. CVE-2021-25374 (published 2021-04-09): An […]
Criminals stitch pieces of HTML together and hide them in JavaScript files, researchers report. Researchers with Trustwave SpiderLabs are warning of a phishing campaign that employs what they call “HTML Lego” to deliver a fake login page. The phishing campaign is aimed at Microsoft 365 users and designed to mimic a Microsoft […]
Security researchers believe the presence of Morph Vox Pro could indicate APT-C-23 has new plans for their phishing campaigns. The discovery of voice-changing software on the server of APT-C-23 could have implications for the group’s future phishing attacks, Cado Security researchers report. APT-C-23, a group connected to attacks in the […]
Analysis of threat activity in mission-critical environments prompts CISA advisory urging SAP customers to apply necessary security patches and updates. Threat actors are actively exploiting unpatched vulnerabilities in SAP applications, including in mission-critical environments such as enterprise resource planning (ERP), supply chain management (SCM), product life cycle management (PLM), and […]