Latest

Application Security

Exchange Server Attacks Spread After Disclosure of Flaws

Jeremy Kirk  •  March 4, 2021

One day after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.

Application Security

Microsoft Patches Four Zero-Day Flaws in Exchange

Jeremy Kirk  •  March 3, 2021

Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.

Cyberwarfare / Nation-State Attacks

Lazarus Group Tied to TFlower Ransomware

Akshaya Asokan  •  March 3, 2021

The Lazarus Group, a North Korean hacking operation also known as Hidden Cobra, is deploying TFlower ransomware, using its MATA malware framework, security firm Sygnia reports.

Forensics

Accellion Attack Involved Extensive Reverse Engineering

Mathew J. Schwartz  •  March 3, 2021

Using a nearly 20-year-old file transfer product - what could go wrong? Among the many lessons to be learned from the Accellion File Transfer Appliance mess is this: Attackers will devote substantial resources to reverse-engineer hardware, software or a service if there's a financial upside.

Cybercrime

Hackers Use Search Engine Optimization to Deliver Malware

Akshaya Asokan  •  March 2, 2021

A new malware loader dubbed "Gootloader" is using search engine optimization techniques to spread ransomware, Trojans and other malware, the security firm Sophos reports.

Forensics

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Mathew J. Schwartz  •  March 1, 2021

Prolific Ryuk ransomware has a new trick up its sleeve. "A Ryuk sample with worm-like capabilities - allowing it to spread automatically within networks it infects" was recently discovered during an incident response effort, warns CERT-FR, the French government's computer emergency response team.

3rd Party Risk Management

House SolarWinds Hearing Focuses on Updating Cyber Laws

Scott Ferguson  •  February 26, 2021

A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.

Cyberwarfare / Nation-State Attacks

Microsoft Releases Queries for SolarWinds Attack Detection

Prajeet Nair  •  February 26, 2021

Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies.

Cybercrime

Netherlands Cybercrime Increased by 127% in 2020

Prajeet Nair  •  February 26, 2021

Netherlands’ public prosecutor’s office, Openbaar Ministerie, reports that criminal cases with a cybercrime element were up 127% in 2020 compared to 2019.

Breach Notification

Analysis: Feds Crack Down on Cryptocurrency Scams

Anna Delaney  •  February 26, 2021

The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.

Cryptocurrency Fraud

Not 'Above the Law' - Feds Target ICO Cryptocurrency Scams

Mathew J. Schwartz  •  February 25, 2021

Authorities have accused Serbia-based scammers of capitalizing on the "initial coin offering" bubble that began in 2017, bilking global cryptocurrency investors out of $70 million via Bitcoiin2Gen and other supposed coins and hiring actor Steven Seagal to endorse them.

Cyberwarfare / Nation-State Attacks

Senate SolarWinds Hearing: 4 Key Issues Raised

Scott Ferguson  •  February 24, 2021

The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.