Cyberwarfare Archives - Page 7 of 10

Germany Protests to Russia Over Pre-Election Cyberattacks

Issued by: Security Week

Foreign Ministry spokeswoman Andrea Sasse said that a hacker outfit called Ghostwriter has been “combining conventional cyberattacks with disinformation and influence operations,” and that activities targeting Germany have been observed “for some time.” She said that, ahead of Germany’s parliamentary election on Sept. 26, there have been attempts – using phishing emails, among other things…

Malware & Threats

Hacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation: Microsoft

Issued by: Security Week

The missing mitigation was flagged by Microsoft in a post mortem of last month’s zero-day attack that hit businesses using the SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP products. Microsoft originally shipped the mitigation — called ASLR (Address Space Layout Randomization) in Windows Vista back in 2006 as part of a larger plan…

Vulnerabilities

Biden, Tech Leaders Eye ‘Concrete Steps’ to Boost Cybersecurity

Issued by: Security Week

President Joe Biden and key cabinet officials were to host the chief executives of Apple, Google, Amazon and Microsoft along with leaders from the finance and utilities sectors, a senior administration official said. The gathering comes after hacks and data breaches which have targeted a major US oil pipeline, a meatpacking company, and the Microsoft…

Network Security

U.S. Infrastructure Bill Allocates $2 Billion to Cybersecurity

Issued by: Security Week

The Infrastructure Investment and Jobs Act includes funding for roads, bridges, transportation safety, public transit, railways, electric vehicle infrastructure, airports, ports, waterways, broadband internet, environmental remediation, and power infrastructure. The White House said this week that the bill will also invest approximately $2 billion to “modernize and secure federal, state, and local IT and networks;…

Vulnerabilities

Researchers Publish Details on Recent Critical Hyper-V Vulnerability

Issued by: Security Week

Tracked as CVE-2021-28476 with a CVSS score of 9.9, the security vulnerability impacts Hyper-V’s virtual network switch driver (vmswitch.sys) and could be exploited to achieve remote code execution or cause a denial of service condition. Hyper-V is a native hypervisor that provides virtualization capabilities for both desktop and cloud systems, and which Microsoft uses as…

Application Security

Firefox 90 Drops Support for FTP Protocol

Issued by: Security Week

Built on a client-server model architecture and in use for roughly five decades, FTP allows for the easy transfer of files and folders between computers. However, because data is transmitted unencrypted, the protocol has long been considered insecure. Secure variants do exist, including one that leverages SSL/TLS (FTPS), or the SSH File Transfer Protocol (SFTP)….

Malware & Threats

Threat Actors Target Kubernetes Clusters via Argo Workflows

Issued by: Security Week

The Intezer team identified a series of unprotected instances operated by organizations in technology, finance, and logistics sectors, which allowed anyone to deploy workflows. In some cases, the nodes have been targeted by malicious actors to deploy crypto-miners. An open-source, container-native workflow engine that runs on Kubernetes, Argo Workflows allows users to run parallel jobs…

Cloud Security

Microsoft Acquires Cloud Security Start-up CloudKnox

Issued by: Security Week

The world’s largest software company said Wednesday it would acquire CloudKnox, a Silicon Valley startup that sells tools to help companies manage and secure access to cloud accounts and data. Financial terms of the deal were not disclosed. CloudKnox, based in Sunnyvale, Calif., raised a total of $22.8 million in venture capital investments since its…

Malware & Threats

U.S. Government Attributes ICS Attacks to Russia, China, Iran

Issued by: Security Week

The FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued a new joint advisory on a gas pipeline intrusion campaign allegedly conducted by Chinese state-sponsored hackers between 2011 and 2013. In addition, CISA has updated five advisories released between 2012 and 2017 to attribute malware and malicious activity to various nation states….

Network Security

Facebook: Iranian Hackers Target Military, Aerospace Entities in the US

Issued by: Security Week

Recent activity that Facebook associated with the group focused on military personnel, defense organizations, and aerospace entities primarily in the United States and, to a lesser extent, the U.K. and Europe, showing an escalation of the group’s cyberespionage activities. Active since at least 2018, Tortoiseshell was previously observed targeting information technology organizations in the Middle…