Cloud-based cyber-attacks flaring up during coronavirus pandemic

2020-05-29T09:30:15+02:00

Cybercriminals shift focus in an attempt to capitalize on home-working trend A huge increase in cyber-attacks targeting cloud services has accompanied the move by many organizations to get staff to working from home in response to the Covid-19 pandemic. A new study from McAfee reports that external attacks on cloud accounts grew sevenfold (up 630%) between January and April. [...]

Cloud-based cyber-attacks flaring up during coronavirus pandemic2020-05-29T09:30:15+02:00

Hacker veröffentlichen Daten nach Cyberangriff auf städtische IT in Österreich

2020-05-25T08:19:10+02:00

Eine Hackergruppe verkündet, die Verwaltung der Kleinstadt Weiz infiziert zu haben. Zum Beweis veröffentlicht sie interne Daten. Die Ransomware-Gruppe NetWalker hat die Computer der österreichischen Stadt Weiz mit Ransomware infiziert. Die dabei erbeuteten Daten wurden jetzt teilweise veröffentlicht. Die Kleinstadt Weiz liegt in der Oststeiermark (Österreich), wenige Kilometer von Graz entfernt, und ist das wirtschaftliche [...]

Hacker veröffentlichen Daten nach Cyberangriff auf städtische IT in Österreich2020-05-25T08:19:10+02:00

Easyjet hacked: 9 million people’s data accessed plus 2,200 credit card details grabbed

2020-05-19T15:20:19+02:00

Not clear yet on whether CVVs and expiry dates have been accessed too Budget British airline Easyjet has been hacked, it has told the stock markets, admitting nine million people's details were accessed and more than 2,000 customers' credit card details stolen. Some information about the attack was released to the London Stock Exchange by the company, [...]

Easyjet hacked: 9 million people’s data accessed plus 2,200 credit card details grabbed2020-05-19T15:20:19+02:00

Cyber attack against UK power grid middleman Elexon

2020-05-18T13:42:03+02:00

An important middleman in the UK's electrical power grid has suffered a cyber attack, though the lights are still on across good old Blighty. Elexon, which reconciles electricity supply to the National Grid and issues bills for undersupply or oversupply, was struck by what appears to be a partially contained ransomware attack, judging by its [...]

Cyber attack against UK power grid middleman Elexon2020-05-18T13:42:03+02:00

Thunderspy Attack – Critical Intel Thunderbolt Bug Let Attackers Hack PCs Within 5 Minutes

2020-05-12T08:00:17+02:00

Recently, a security expert at the Eindhoven University of Technology has exhibited that how a new attack method on Windows or Linux computers with support for the Thunderbolt port could allow anyone to hack devices in less than five minutes. Yes, just five minutes only!!! With the help of a new technique called Thunderspy, it [...]

Thunderspy Attack – Critical Intel Thunderbolt Bug Let Attackers Hack PCs Within 5 Minutes2020-05-12T08:00:17+02:00

Malware-Infektionen: Fresenius schränkt Produktion vorübergehend ein

2020-05-07T09:15:13+02:00

Ein Schadsoftware-Befall beeinträchtigt nach Angaben des Gesundheitsunternehmens derzeit die Produktion, nicht aber die Patientenversorgung. Das Gesundheits- und Medizintechnikunternehmen Fresenius hat nach eigenen Angaben Infektionen mit nicht näher bezeichneter Schadsoftware auf Unternehmensrechnern festgestellt. IT-Experten des Unternehmens arbeiten derzeit an der Lösung des Problems beziehungsweise an der Bereinigung der Systeme. Wie Unternehmenssprecher Steffen Rinas gegenüber heise online [...]

Malware-Infektionen: Fresenius schränkt Produktion vorübergehend ein2020-05-07T09:15:13+02:00

Multinational’s mobile endpoints engulfed by Cerberus banking trojan

2020-05-05T07:33:32+02:00

Compromised MDM server becomes vector for widespread malware campaign Attackers recently compromised more than 75% of a multinational conglomerate’s mobile devices with a new variant of the Cerberus Android banking trojan, security researchers have revealed. Upon gaining entry to the corporate network via the Mobile Device Manager (MDM) server, miscreants stole passwords and 2FA credentials, [...]

Multinational’s mobile endpoints engulfed by Cerberus banking trojan2020-05-05T07:33:32+02:00

Four IBM Zero-days Leaked Online After the Company Refused to Patch The Bugs

2020-04-22T08:15:49+02:00

Security researcher Pedro Ribeiro, Director of Research at Agile Information Security disclosed four zero-day vulnerabilities on GitHub after the company refused to fix them and accept. The vulnerabilities found with IBM Data Risk Manager (IDRM) enterprise security software, which helps business to uncover, analyze, and visualize data-related business risks. Four IBM zero-days While analyzing the [...]

Four IBM Zero-days Leaked Online After the Company Refused to Patch The Bugs2020-04-22T08:15:49+02:00

Zoom-again: Two Zoom Zero-Days Being Sold Online For $500,000

2020-04-20T14:24:34+02:00

Earlier this month multiple vulnerabilities discovered with Zoom’s Windows and macOS clients, those vulnerabilities allow attackers to escalate privileges with macOS and to steal login credentials with windows. Following that various sources confirmed that attackers selling Zoom login credentials, meeting IDs, names and host keys in the hacking forums. Zoom Zero-Day Exploit for $500,000 Motherboard reported that now hackers started selling [...]

Zoom-again: Two Zoom Zero-Days Being Sold Online For $500,0002020-04-20T14:24:34+02:00

Git security: Newline injection bug tricked version control system into leaking usernames and password

2020-04-16T09:02:27+02:00

When credential helpers give attackers a helping hand Injecting unintended values Git is widely used by software developers to project-manage code in open source projects. In a post on the Chromium blog, Wilhelm, senior information security engineer at Google Project Zero, outlined his discovery that attackers could use specially-crafted URLs containing an encoded newline to inject unintended values into the [...]

Git security: Newline injection bug tricked version control system into leaking usernames and password2020-04-16T09:02:27+02:00