Dubbed SnapMC, the hacking group attempts to exploit multiple vulnerabilities in webserver and VPN applications for initial access and typically compromises victim networks in under 30 minutes. The group then exfiltrates victim data to leverage it for extortion, but doesn’t use ransomware or other means of disrupting the victim’s operations. SnapMC threatens to publish the…

The sanctions, foreshadowed for weeks by the administration, would represent the first retaliatory action announced against the Kremlin for last year’s hack, familiarly known as the SolarWinds breach. In that intrusion, Russian hackers are believed to have infected widely used software with malicious code, enabling them to access the networks of at least nine agencies…

New Google+ Breach Will Lead to Early Service Shutdown

As vulnerabilities go, it was the best sort: found by internal testing before it led to a security breach. Nevertheless, the latest Google+ software vulnerability was enough to push forward shutting down the service: Google now says it will be shuttered by April 2019 rather than the originally planned August 2019. According to Google, the…

Hackers Leverage AWS To Breach, Persist In Corporate Networks

A new body of evidence indicates threat actors are using increasingly advanced techniques to target cloud providers and leveraging cloud-specific traits to hide their activity as they breach and persist in target networks. Data comes from the Threat Stack security team, which spotted the pattern over multiple years of observing behavior on client networks. It…

Could an Equifax-sized data breach happen again?

Many global financial services organizations are targeted by sophisticated cyberattackers in an attempt to steal critical data and personally-identifiable information (PII), according to Vectra. Vectra disclosed that cyberattackers build hidden tunnels to break into networks and steal information. These tunnels are used to remotely control an attack, known as command-and-control, and steal data, known as…

Operator of World’s Top Internet Hub Sues German Spy Agency

Berlin – The operator of the world’s largest internet hub challenged the legality of sweeping telecoms surveillance by Germany’s spy agency, a German court heard Wednesday. The BND foreign intelligence service has long tapped international data flows through the De-Cix exchange based in the German city of Frankfurt. But the operator argues the agency is…

5 cybersecurity questions retailers must ask to protect their businesses

The Target breach in 2013 may not be the biggest retail breach in history, but for many retailers, it was their watershed moment. Point-of-sale (PoS) terminals were compromised for more than two weeks. 40 million card details and 70 million records of personal information swiped—part of which was “backlist,” historical transaction information dating back to more or less a…

Big Apple Flaw Allows Root Access to Macs without Password

Mac users and administrators need to be on the lookout for compromised machines after a security researcher disclosed late yesterday a big flaw in Apple’s macOS High Sierra platform that allows for password-less logins to root accounts. Publicly disclosed by software engineer Lemi Orhan Ergin via Twitter, the flaw allows someone with physical access to…