Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code
However, internal products and systems were not leveraged to attack others during the massive supply-chain incident, the tech giant said upon completion of its Solorigate investigation.
Source: Threadpost
Cybercriminal Enterprise ‘Ringleaders’ Stole $55M Via COVID-19 Fraud, Romance Scams
The Department of Justice (DoJ) cracked down on a Ghana-based cybercriminal enterprise behind a slew of romance scams, COVID-19 fraud attacks and business email compromise schemes since 2013.
Source: Threadpost
Apple Outlines 2021 Security, Privacy Roadmap
Latest Apple Platform Security update folds iOS, macOS and hardware into security 2021 roadmap.
Source: Threadpost
Kia Motors Hit With $20M Ransomware Attack – Report
So far, Kia Motors America has publicly acknowledged an “extended system outage,” but ransomware gang DoppelPaymer claimed it has locked down the company’s files in a cyberattack that includes a $20...
Exploit Details Emerge for Unpatched Microsoft Bug
A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes.
Source: Threadpost
Mac Malware Targets Apple’s In-House M1 Processor
A malicious adware-distributing application specifically targets Apple's new M1 SoC, used in its newest-generation MacBook Air, MacBook Pro and Mac mini devices.
Source: Threadpost
SDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare Apps
Apps like eHarmony and MeetMe are affected by a flaw in the Agora toolkit that went unpatched for eight months, researchers discovered.
Source: Threadpost
Stolen Jones Day Law Firm Files Posted on Dark Web
Jones Day, which represented Trump, said the breach is part of the Accellion attack from December.
Source: Threadpost
Windows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign
The WatchDog malware has flown under the radar for two years in what researchers call one of the 'largest' Monero cryptojacking attacks ever.
Source: Threadpost
Ninja Forms WordPress Plugin Bug Opens Websites to Hacks
The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking.
Source: Threadpost