News

EPA Mandates States Report on Cyber Threats to Water Systems

The Biden administration on Friday said it would require states to report on cybersecurity threats in their audits of public water systems, a day after it released a broader plan to protect critical infrastructure against cyberattacks. The Environmental Protection Agency said public water systems are increasingly at risk from cyberattacks that amount to a threat to public health. “Cyberattacks against critical infrastructure facilities, including drinking water systems, are increasing, and public water systems are vulnerable,”…

Thousands of Websites Hijacked Using Compromised FTP Credentials

Cloud security startup Wiz warns of a widespread redirection campaign in which thousands of websites targeting East Asian audiences have been compromised using legitimate FTP credentials. In many cases, the attackers managed to obtain highly secure auto-generated FTP credentials, and used them to hijack the victim websites to redirect visitors to adult-themed content. Likely ongoing since September 2022, the campaign has resulted in the compromise of at least 10,000 websites, many owned by small companies…

BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems

The BlackLotus bootkit can bypass security protections on fully updated Windows 11 systems and persistently infect them, ESET’s analysis of the threat has revealed. New to the threat landscape – it emerged on underground forums in October 2022 – BlackLotus provides cybercriminals and advanced persistent threat (APT) actors with capabilities previously associated with nation-states, at the price of $5,000. The major threat posed by UEFI bootkits is well known: with control over the operating system’s…

Internet Access, Privacy ‘Essential for Freedom’: Proton Chief

Internet privacy company Proton can spot attacks on democracy in a country before they hit the headlines, simply by watching demand for its services explode, its chief told AFP. When Russia blocked access to independent news sites following its invasion of Ukraine a year ago, the small company which provides virtual private networks (VPNs) saw “a 9,000 percent increase in sign-ups over just a period of a few days”, company chief executive Andy Yen said…

Security Defects in TPM 2.0 Spec Raise Alarm

Security researchers at Quarkslab have identified a pair of serious security defects in the Trusted Platform Module (TPM) 2.0 reference library specification, prompting a massive cross-vendor effort to identify and patch vulnerable installations. The vulnerabilities, tracked as CVE-2023-1017 and CVE-2023-1018, provide pathways for an authenticated, local attacker to overwrite protected data in the TPM firmware and launch code execution attacks, according to an advisory from Carnegie Mellon’s CERT coordination center. From the CERT alert: “An…

White House: No More TikTok on Gov’t Devices Within 30 Days

The White House is giving all federal agencies 30 days to wipe TikTok off all government devices, as the Chinese-owned social media app comes under increasing scrutiny in Washington over security concerns. The Office of Management and Budget calls the guidance, issued Monday, a “critical step forward in addressing the risks presented by the app to sensitive government data.” Some agencies, including the Departments of Defense, Homeland Security and State, already have restrictions in place;…

Watch on Demand: Attack Surface Management Summit

As security teams look to foundational strategies to protect corporate assets, the reduction of attack surface throughout the organization has taken center stage. All sessions from SecurityWeek’s 2023 Attack Surface Management Summit are now available to watch on demand. If you missed any sessions, you can watch them now in the virtual conference center: Fireside Chat With Jason Chan, Former Netflix Security Chief What Our 2022 Data Reveals About the Most Pressing Exposures on Your Attack…

A Year of Conflict: Cybersecurity Industry Assesses Impact of Russia-Ukraine War

Marking the first anniversary of Russia’s war against Ukraine, several cybersecurity companies have published reports summarizing the impact of various types of cyber operations, just as the United States has issued a fresh warning for the West. In the weeks before and immediately after Russia launched its war against Ukraine on February 24, 2022, Russia appeared to intensify its attacks in cyberspace, with distributed denial-of-service (DDoS) attacks, disruptive wiper malware, and misinformation campaigns. While everyone…

11 Countries Take Part in Military Cyberwarfare Exercise

The biggest military cyberwarfare exercise in Western Europe took place recently in Estonia. A total of 34 teams from 11 countries took part in a live-fire cyber battle. Countries such as the US, UK, Japan, India, Italy, Estonia, Ukraine, Ghana, Kenya and Oman were represented by 750 experts at the Defence Cyber Marvel 2 (DCM2) exercise. Many of them participated remotely. The seven-day event, led by the British Army, tested the response of participants to…

Stealthy Mac Malware Delivered via Pirated Apps

Legitimate Mac software applications are being trojanized with malware and uploaded to Pirate Bay. From here, software pirates are downloading the apps and unknowingly infecting themselves. One example involves a stealthy implementation of XMRig cryptojacking malware; but the process could be used for other malware. XMRig on Macs is not new. Trend Micro analyzed a sample in February 2022: “We suspected that the Mach-O sample arrived packaged in a DMG (an Apple image format used…