Tulsa Cybersecurity Attack Similar to Pipeline Attack
“I can’t share anything other than we know who did it,” Mayor G.T. Bynum said, adding that the city did not pay the hackers. “They wanted to talk with us about what (a ransom) would be for them not to announce (the attack) and we never engaged them.” Bynum said Tulsa’s computer security system identified…
Cring Ransomware Targets Industrial Organizations
At the beginning of 2021, the threat actors behind the Cring ransomware were observed launching numerous attacks on European industrial enterprises, forcing at least one organization to shut down a production site. The initial vector of attack was later identified as CVE-2018-13379, a vulnerability in the FortiOS SSL VPN web portal that could allow unauthenticated…
Details Disclosed for GitHub Pages Flaws That Earned Researchers $35,000
GitHub Pages is a service that individuals and organizations can use to host websites. The sites can be hosted on a custom domain or the github.io domain, and the code for the website is taken directly from a private or public GitHub repository. The pages themselves can also be private or public. Over the weekend,…
The Rise of Industrial IoT and How to Mitigate Risk
With the acceleration of digital transformation and convergence of IT and operational technology (OT) networks, Internet of Things (IoT) and Industrial IoT (IIoT) devices are becoming essential tools for companies in sectors including oil and gas, energy, utilities, manufacturing, pharmaceuticals, and food and beverage. Whether optimizing individual processes or entire factories and other critical infrastructure…
University of California Victim of Nationwide Hack Attack
A cybersecurity attack targeted a vulnerability in Accellion, a third-party vendor that is used to securely transfer files, the university said in a statement Wednesday. “We understand those behind this attack have published online screenshots of personal information, and we will notify members of the UC community if we believe their data was leaked in…
Financial Sector Remains Most Targeted by Threat Actors: IBM
Manufacturing and energy became the second and third most targeted industries last year, respectively. Retail and professional services rounded up the top five most targeted sectors, IBM says. In the latest installment of their annual X-Force Threat Intelligence Index, IBM Security also reveals that ransomware was the most popular attack method in 2020, with a…
Multiple Attack Groups Exploited Microsoft Exchange Flaws Prior to the Patches
Multiple attack groups are exploiting the critical Microsoft Exchange Server vulnerabilities patched last week – and the growing wave of global activity began before Microsoft released emergency fixes on March 2. Security firms including Red Canary and FireEye are now tracking the exploit activity in clusters and anticipate the number of clusters will grow over…
New Jailbreak Tool Works on Most iPhones
Unc0ver, a team of hackers behind the jailbreak tool, released a new tool that works on nearly every iPhone model and exploits a flaw that Apple reported was under active attack last month. The group says its new tool works on iOS 11 to iOS 14.3, which was rolled out in December 2020. It reportedly…
Security researchers targeted by North Korean hackers
Over the past few months, hackers have been trying to surreptitiously backdoor the computer systems of a number of security researchers working on vulnerability research and development at different companies and organizations, the Google Threat Analysis Group (TAG) has revealed on Monday. The hackers’ tactics The hackers, who Google TAG believes are backed by the…
Malwarebytes was breached by the SolarWinds attackers
A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral movement techniques and the release of an auditing script by FireEye researchers that organizations can use to check their Microsoft 365 tenants for signs of intrusion. Then, on Tuesday, Malwarebytes CEO…
