Sunday, March 7, 2021

U.S. issues warning after Microsoft says China hacked its mail server program

U.S. issues warning after Microsoft says China hacked its mail server program

The U.S. has issued an emergency warning after Microsoft said it caught China hacking into its mail and calendar server program, called Exchange.

The perpetrator, Microsoft said in a blog post , is a hacker group that the company has "high confidence" is working for the Chinese government and spies primarily on American targets. The latest software update for Exchange blocks the hackers, prompting the U.S. Cybersecurity and Infrastructure Security Agency, or CISA, to issue a rare emergency directive that requires all government networks do so.

Publisher: NBC News
Date: Wed Mar 03 2021 23:33:00 GMT 0000 UTC
Twitter: @NBCNews
Reference: (Read more) Visit Source



This may worth something:

North Dakota suspects Chinese hackers had control of public email servers during cyberattack |

"The fact of the matter is that we don't know what (Hafnium) did once they had the (hacking tools) on the servers," Ivahnenko said in a text message. "They may have just installed them and never touched them. They may have done something different on each computer they touched. What they did when they had control is still under investigation."

Bismarck Mayor Steve Bakken said the capital city's servers were not breached, but he was aware of the situation. Burleigh County Commission Chairwoman Kathleen Jones did not respond to a request for comment.

Publisher: The Dickinson Press
Twitter: @The Dickinson Press
Reference: (Read more) Visit Source



Chester Upland School District Says Hackers Took Millions – NBC10 Philadelphia

A law enforcement investigation is underway Friday after a school district reported it was missing an expected multimillion-dollar payment from the state, and a district official speculated it was due to hackers.

The receiver of the Chester Upland School District, Juan Baughn, told the Philadelphia Inquirer Thursday that "millions" were lost due to a "cyber issue."

A spokeswoman for the Delaware County District Attorney's office told NBC10 there is an active investigation into the claims, but could not comment further.

logo
Publisher: NBC10 Philadelphia
Date: 2021-03-05T11:28:09 00:00
Twitter: @nbcphiladelphia
Reference: (Read more) Visit Source



Three Top Russian Cybercrime Forums Hacked — Krebs on Security

At the top of a 35-page PDF leaked online is a private encryption key allegedly used by Maza administrators. The database also includes ICQ numbers for many users. ICQ, also known as “I seek you,” was an instant message platform trusted by countless early denizens of these older crime forums before its use fell out of fashion in favor of more private networks, such as Jabber and Telegram .

This is notable because ICQ numbers tied to specific accounts often are a reliable data point that security researchers can use to connect multiple accounts to the same user across many forums and different nicknames over time.

Twitter: @briankrebs
Reference: (Read more) Visit Source



Other things to check out:

How Apple's locked down security gives extra protection to the best hackers | MIT Technology

You've heard of Apple's famous walled garden, the tightly controlled tech ecosystem that gives the company unique control of features and security. All apps go through a strict Apple approval process, they are confined so sensitive information isn't gathered on the phone, and developers are locked out of places they'd be able to get into in other systems. The barriers are so high now that it's probably more accurate to think of it as a castle wall.

Virtually every expert agrees that the locked-down nature of iOS has solved some fundamental security problems, and that with these restrictions in place, the iPhone succeeds spectacularly in keeping almost all the usual bad guys out. But when the most advanced hackers do succeed in breaking in, something strange happens: Apple's extraordinary defenses end up protecting the attackers themselves.

Publisher: MIT Technology Review
Reference: (Read more) Visit Source



Social Engineering Attacks Hacking Humans Today - Security Boulevard

Social Engineering Changes
Chris began by discussing how social engineering has changed over the past year and what it looks like today.

" Even though it [social engineering] has been around since humans have been communicating, threat actors have been using horrible, catastrophic events of the past five years to start fake charities and scam people out of money. And now, with the COVID-19 pandemic, this attack surface has expanded into a global one.

* * *

" I believe we have now reached the most dangerous point in cybersecurity history to date. The broad amount of affordable computing power, legitimate infrastructure, open-source information, and sophisticated technology combine to make a recipe for an environment that is not good. Already, there has been a 3,000% increase in phishing attacks across communications channels ," he said.

logo
Publisher: Security Boulevard
Date: 2021-03-06T17:23:31 00:00
Twitter: @securityblvd
Reference: (Read more) Visit Source



Bloomberg - Are you a robot?
Reference: (Read more) Visit Source



Happening on Twitter

No comments:

Post a Comment