Cyber Security

This is where news and updates on Cyber Security are published on a daily basis.

Intelligence agencies in the US have released information about a new variant of a 12-year-old computer virus used by China’s state-sponsored hackers targeting governments, corporations, and think tanks. Named “Taidoor,” the malware has done an ‘excellent’ job of compromising systems as early as 2008, with the actors deploying it on victim networks for stealthy remote access.
Michigan’s largest healthcare provider has warned around 6,000 patients that their data may have been exposed following a cyber-attack. The cybersecurity incident is the second phishing-related data breach to befall Beaumont Health in recent months.  In April, the organization started notifying 112,211 individuals that some of their personal health information (PHI) had been exposed. The warning came after a data
Many endpoint security vendors are beginning to offer their applications only in the cloud, sunsetting their on-premise offerings. This approach may be beneficial to the vendor, but many clients continue to need on-premise solutions. Vendors that sunset on-premise solutions force clients that prefer on-premise solutions to either change their operating environment and approach or change
A malware author has pleaded guilty to conspiracy for his role in a transnational cybercrime organization responsible for stealing over $568m.  Valerian Chiochiu, a.k.a. “Onassis,” “Flagler,” “Socrate,” and “Eclessiastes,” admitted being involved with one of the largest cyber-fraud enterprises ever created that victimized Americans in all 50 states and millions globally. The 30-year-old Moldovan national was living
Security researchers have outlined a new technique that renders a remote timing-based side-channel attack more effective regardless of the network congestion between the adversary and the target server. Remote timing attacks that work over a network connection are predominantly affected by variations in network transmission time (or jitter), which, in turn, depends on the load
Researchers have discovered a digital propaganda campaign focused on spreading false information and inciting hatred against the US and the North Atlantic Treaty Organization (NATO).  Dubbed Ghostwriter, the apparently well-resourced campaign has sought to portray the presence of American and NATO troops in Europe as aggressive and dangerous to local populations.  Tactics used to turn public opinion
The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens and its member states. The directive has been issued against six individuals and three entities responsible for or involved in various cyber-attacks, of which some of the publicly known are ‘WannaCry’, ‘NotPetya’, and ‘Operation
The University of Chicago has launched a new initiative that aims to increase the cybersecurity of America’s forthcoming presidential election. Election Cyber Surge will function as a matchmaker service, connecting US election officials concerned about cybersecurity with volunteers who are experts in the field. Officials will choose an area of particular weakness, and then choose from a
A 17-year-old and two other individuals, aged 19 and 22, have reportedly been arrested as the alleged masterminds behind the recent Twitter hack that simultaneously targeted several high-profile accounts within minutes as part of a massive bitcoin scam. According to the U.S. Department of Justice, Mason Sheppard, aka “Chaewon,” 19, from the United Kingdom,
An American researcher has admitted stealing scientific trade secrets from a children’s hospital and selling them to China. Former Ohio resident Li Chen pleaded guilty yesterday to conspiring to steal scientific trade secrets and conspiring to commit wire fraud concerning the research, identification, and treatment of a range of pediatric medical conditions.  Chen and her husband, alleged
A view of the Q2 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts. With half a year passed from the outbreak of COVID-19, the world is now trying to come to terms with the new normal. But even with the initial panic settled, and
A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide, including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed ‘BootHole’ and tracked as CVE-2020-10713, the reported vulnerability resides in the GRUB2 bootloader, which, if exploited, could potentially let attackers
Rite Aid’s quiet use of facial recognition technology in its stores has ended after nearly a decade. Since 2012, the American drugstore had gradually implemented the technology in 200 stores around the country, according to an investigation by Reuters. Analysis of where the technology had been deployed indicated that Rite Aid had primarily installed it in
The Bureau expects cybercriminals to increasingly abuse new threat vectors for large-scale DDoS attacks. The Federal Bureau of Investigation (FBI) has issued an alert warning private sector organizations in the United States about a ramp-up in the use of built-in network protocols for large-scale distributed denial-of-service (DDoS) amplification attacks. “A DDoS amplification attack occurs when
Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure, and Alibaba Cloud. Docker is a popular platform-as-a-service (PaaS) solution for Linux and Windows designed to make it easier for developers to create,
A vulnerability in the Integrated Dell Remote Access Controller (iDRAC) that could have allowed cyber-criminals to gain full control of server operations has been detected. The controller was designed for secure local and remote server management to help IT administrators deploy, update, and monitor Dell EMC PowerEdge servers. Path Traversal vulnerability CVE-2020-5366 was discovered by researchers Georgy