Attacks, Threats, and Vulnerabilities
Microsoft: Iran-linked hackers breached Office 365 customer accounts (The Record by Recorded Future) Microsoft said today that a new Iran-linked hacking group has targeted more than 250 Office 365 tenants and compromised accounts for less than 20.
Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors (Microsoft Security Blog) MSTIC has observed DEV-0343 conducting extensive password spraying against more than 250 Office 365 tenants, with a focus on United States and Israeli defense technology companies, Persian Gulf ports of entry, or global maritime transportation companies with business presence in the Middle East.
Microsoft said it mitigated a 2.4 Tbps DDoS attack, the largest ever (The Record by Recorded Future) Microsoft said its Azure cloud service mitigated a 2.4 terabytes per second (Tbps) distributed denial of service attack this year, at the end of August, representing the largest DDoS attack recorded to date. Amir Dahan, Senior Program Manager for Azure Networking, said the attack was carried out using a botnet of approximately 70,000 bots primarily […]
Business as usual for Azure customers despite 2.4 Tbps DDoS attack (Microsoft Azure) The pace of digital transformation has accelerated significantly during COVID-19 pandemic, alongside the adoption of cloud services. Bad actors, now more than ever, continuously look for ways to take applications offline. Azure DDoS Protection Standard provides enhanced DDoS mitigation feature…
The covid tech that is intimately tied to China’s surveillance state (MIT Technology Review) Heat-sensing cameras and face recognition systems may help fight covid-19—but they also make us complicit in the high-tech oppression of Uyghurs.
Turkey and Vietnam pose hacking threat, says Microsoft (Register) It isn’t just the big dogs preparing to bite, warns Redmond
BlackTech Espionage Gang Adds to Malware Toolset (Decipher) Researchers at VB2021 localhost gave an inside look into new malware families that the BlackTech espionage group is now using.
NSA warns of ALPACA TLS attack, use of wildcard TLS certificates (The Record by Recorded Future) The National Security Agency has issued a technical advisory this week warning organizations against the use of wildcard TLS certificates and the new ALPACA TLS attack.
Twitch defaced with pictures of Jeff Bezos (The Verge) Hackers were able to replace images on Twitch for hours.
Trolls defaced Twitch’s website with pictures of Jeff Bezos, the latest security concern – CyberScoop (CyberScoop) Two days after an unnamed hacker leaked a trove Twitch data including the streaming platform’s source code and information about payments to streamers, users are still seeking answers.
Facebook and its apps suffer another outage. (New York Times) All of Facebook’s main products — Instagram, WhatsApp, Messenger and the “big blue app” of Facebook — were inaccessible to at least some users around 3 p.m. Eastern time.
New Research: The Threat of Ransomware to S3 Buckets (Ermetic) What leads to ransomware exposure in S3 buckets and the native mitigation tools you can leverage to prevent it.
Ermetic Finds Majority of AWS Accounts Surveyed are Vulnerable to Ransomware (Ermetic) In newly published research, Ermetic found identities that, if compromised, would place at least 90% of the S3 buckets in an AWS account at risk.
Phishers Get Clever, Use Math Symbols for Verizon Logo (INKY) A large category of phishing attacks comes under the heading of brand impersonation. What made these attacks interesting was their use of mathematical symbols as part of the Verizon logo.
The cost of hiring a hacker on the dark web (Comparitech) Hired hackers break into social media accounts, erase debts, and change students’ grades, says an analysis of hacking services on the darknet.
Four months later, Cox Media confirms ransomware attack (The Record by Recorded Future) The Cox Media Group, one of the largest media conglomerates in the US, has formally acknowledged a ransomware attack that crippled and took down live feeds for several TV and radio stations earlier this year, in June.
Intuit warns QuickBooks customers of ongoing phishing attacks (BleepingComputer) Intuit has warned QuickBooks customers that they are targeted by an ongoing phishing campaign impersonating the company and trying to lure potential victims with fake renewal charges.
Hackers could have stolen beer from BrewDog using bug that exposed details of 200,000 shareholders (Sky News) Vulnerabilities in the mobile app for the Scottish brewery and pub chain were in place for 18 months before being fixed, according to security researchers.
BrewDog exposed data of 200,000 shareholders for over a year (ZDNet) The beer’s on BrewDog, too.
Craft beer specialist Brewdog fixes serious app vulnerability (ComputerWeekly) Vulnerability in brewer’s mobile app could have resulted in serious consequences for its shareholders and customers.
Someone hijacked a Navy warship’s Facebook account so they could livestream ‘Age of Empires’ [UPDATED] (Task & Purpose) In all fairness, it is a great game.
Clearview AI has scraped 10 billion photos from the web (Computing) Clearview appears to have ignored demands from social media companies to stop taking images from their platforms
Google pulls ‘stalkerware’ ads that promoted phone spying apps (TechCrunch) Five stalkerware apps had ads pulled after violating Google’s policies on promoting spousal surveillance.
Security Patches, Mitigations, and Software Updates
Apple address actively exploited zero-day with OS updates (Computing) The company says it is aware of a report that the issue may have been actively exploited
Apple patches iPhone zero-day in iOS 15.0.2 (The Record by Recorded Future) Apple has released a security update on Monday for iPhone users to address a vulnerability in the iOS operating system that has been exploited in the wild.
Apache patch proves patchy – now you need to patch the patch (Naked Security) Once more unto the breach, dear friends, once more, and close up the hole of encoding dread.
DDoS Threat Report FHY 2021 (NexusGuard) Small bit-and-piece DDoS attacks boomed by 233% in the first half of 2021, revealed Nexusguard researchers in the Threat Report FHY 2021.
Sophisticated attacks on the rise: streaming industry targeted the most (Atlas VPN) As internet security tools improve, hackers need to come up with more advanced attack technologies as well. Sophisticated automated attacks emulate human behavior to evade detection. They can imitate human keystrokes and mouse movements. Such bots can trick standard bot-detection tools through human workers.
Opinion | These two brave journalists won the Nobel Peace Prize at just the right time (Washington Post) Maria Ressa and Dmitry Muratov demonstrate the essentiality of a free press in a crucial moment.
2021 SecureAge COVID & cybersecurity study
(SecureAge) In 2021 SecureAge surveyed 1,000 US-based…