Information

18 Jun

Microsoft Says Early June Disruptions to Outlook, Cloud Platform, Were Cyberattacks

Information, News

In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks. Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were indeed to blame. But the software giant has offered few details —…

Read More
17 Jun

Stop Cyberbullying Day: Prevention is everyone’s responsibility

Information

Strategies for stopping and responding to cyberbullying require a concerted, community-wide effort involving parents, educators and children themselves Bullying of any kind can have a devastating impact on the victim’s well-being and life. Physical bullying, also known as face-to-face or in-person bullying, is still an issue in schools, with many researchers saying that its long-term consequences can be even worse than the immediate impacts – to the point that they may lead to changes in…

Read More
17 Jun

Is a RAT stealing your files? – Week in security with Tony Anscombe

Information

Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups or performs other shenanigans? Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups? This week, ESET researchers revealed how an updated version of Android GravityRAT spyware is being spread as free messaging apps called BingeChat and Chatico and used to exfiltrate victims’ WhatsApp backups, among other malicious actions. The threat actor behind…

Read More
16 Jun

MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

Information

by Paul Ducklin Yet more MOVEit mayhem! “Disable HTTP and HTTPS traffic to MOVEit Transfer,” says Progress Software, and the timeframe for doing so is “immediately”, no ifs, no buts. Progress Software is the maker of file-sharing software MOVEit Transfer, and the hosted MOVEit Cloud alternative that’s based on it, and this is its third warning in three weeks about hackable vulnerabilities in its product. At the end of May 2023, cyberextortion criminals associated with…

Read More
16 Jun

In Other News: Linux Kernel Exploits, Update on BEC Losses, Cybersecurity Awareness Act

Information, News

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless crucial for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Read More
16 Jun

Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks

Information, News

The US Justice Department on Thursday announced charges against a third Russian national allegedly involved in deploying the LockBit ransomware. The man, Ruslan Magomedovich Astamirov, 20, of Chechen Republic, Russia, who was arrested in Arizona, allegedly owned, controlled, and used multiple IP addresses, email addresses, and other online accounts to deploy the LockBit ransomware and communicate with victims. According to court documents, in at least one instance, authorities were able to trace a victim’s payment…

Read More
15 Jun

Android GravityRAT goes after WhatsApp backups

Information

ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete files ESET researchers have identified an updated version of Android GravityRAT spyware being distributed as the messaging apps BingeChat and Chatico. GravityRAT is a remote access tool known to be used since at least 2015 and previously used in targeted attacks against India. Windows, Android, and macOS versions are available, as previously documented by…

Read More
15 Jun

S3 Ep139: Are password rules like running through rain?

Information, Malware

by Paul Ducklin DON’T GET INTO THE HABIT OF A BAD HABIT Magnetic core memory. Patch Tuesday and SketchUp shenanigans. More MOVEit mitigations. Mt. Gox back in the news. Gozi malware criminal imprisoned at last. Are password rules like running through rain? No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify,…

Read More
15 Jun

CISA, NSA Share Guidance on Hardening Baseboard Management Controllers

Information, News

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published new guidance to help organizations harden baseboard management controllers (BMCs). Typically part of a motherboard, a BMC is a specialized service processor used for monitoring the physical state of a system, server, or other device, collecting information such as temperature, voltage, humidity, and fan speeds. Operating separately from the operating system and the system’s firmware (such as BIOS and UEFI),…

Read More
15 Jun

CISA Order Highlights Persistent Risk at Network Edge

Information, Insights

The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances. Under a new order from the Cybersecurity and Infrastructure Security Agency (CISA), federal agencies will have 14 days to respond to any reports from CISA about misconfigured or…

Read More