Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery of two customer support incidents that they believe may be related to the Sunburst malware being deployed on…

The EU last year recorded around 450 cyber incidents involving European infrastructure, notably in the financial and energy sectors, and the pandemic has highlighted Europe’s deep dependence on the internet and exposed security weaknesses. The EU’s current Network Information System regulations date from 2008, and the European Commission’s new proposals aim to bring them up…

“We’re taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we’re working on improving this),” Twitter said. It added, “We’ll reactivate this in markets that depend on SMS for reliable communication soon while we work on our longer-term…

Facebook Awards $40,000 Bounty for ImageTragick Hack

A researcher claims to have received a $40,000 bounty from Facebook for finding a remote code execution vulnerability introduced by the ImageMagick image processing suite. The said ImageMagick flaw, tracked as CVE-2016-3714 and dubbed “ImageTragick,” was disclosed in May 2016. The security hole had already been exploited in the wild and security firms soon started…

Obama orders review of election hacks as Trump doubts Russia’s role

President Barack Obama has ordered U.S. intelligence agencies to conduct a full review of the cyberattacks that allegedly tried to disrupt this year’s election, as his successor Donald Trump casts doubt over Russia’s possible involvement. Obama’s homeland security advisor Lisa Monaco first mentioned the need for the review while speaking to reporters on Friday morning, according…

San Francisco’s Muni transit system reportedly hit by ransomware

San Francisco’s Muni transit system was reportedly hit by ransomware since Friday, leading to the message “You Hacked, ALL Data Encrypted” being displayed on the computer screens at stations, according to newspaper reports. The message asked that cryptom27 at yandex.com should be contacted for the key to unlock the data.