Digital transformation is sweeping across the public and private sectors. This has pushed organizations to increasingly turn to hybrid and multicloud environments as a way to manage a sprawling digital infrastructure and growing mountains of data. But while cloud technology promises to increase collaboration among distributed workforces and quickly scale digital workloads, it also creates…

Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. Data taken from original research by cybersecurity firm Mandiant and from open-source reporting suggests zero-day exploitation is generally trending upward despite fluctuation from year to year in the…

As it moves into the final stretch of its regular season, the National Basketball Association said over the weekend that “an unauthorized third party” netted a database filled with the names and email addresses of fans. The data was housed by a newsletter service that it partners with, the NBA noted in a letter to…

Chinese threat actors are turning security appliances into penetration pathways, forcing firewall maker Fortinet to again attempt to fend off hackers with a patch. Researchers from Mandiant say suspected Beijing hackers it tracks as UNC3886 have been targeting chip-based firewall and virtualization boxes. The group, it said in a Thursday blog post, exploited a now-patched…

The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play Store, reaching over 50,000 installations. The banking Trojan was used to target 56 European banks and steal sensitive information…

A suspected China-linked hacking campaign has been observed targeting unpatched SonicWall Secure Mobile Access (SMA) 100 appliances to drop malware and establish long-term persistence. “The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades,” cybersecurity company Mandiant said in a technical report published this week. The Google-owned incident response…

One of the largest carriers in the US, AT&T has roughly 200 million wireless customers, but only a small percentage of the total has been impacted by the incident. “Approximately 9 million wireless accounts had their Customer Proprietary Network Information accessed,” AT&T said in an emailed statement. “We recently determined that an unauthorized person breached…