All about Security, News, Events and Incidents

FireEye finds new malware likely linked to SolarWinds hackers bleepingcomputer.com | 4 March 2021

FireEye discovered a new "sophisticated second-stage backdoor" on the servers of an organization compromised by the threat actors behind the SolarWinds supply-chain attack.

 

Details about the Microsoft Exchange Server hack.

"At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software"
https://krebsonsecurity.com/2021/03...acked-via-holes-in-microsofts-email-software/
Edit:
Microsoft hack: White House warns of 'active threat'
https://www.bbc.com/news/world-us-canada-56304379

(Everything normal folks, it's just standard MS swiss cheese software in action)

 

That's a real disaster.

 

MICROSOFT, SECURITY
Microsoft releases one-click Exchange On-Premises Mitigation Tool bleepingcomputer.com

Microsoft has released a one-click Exchange On-premises Mitigation Tool (EOMT) tool to allow small business owners to easily mitigate the recently disclosed ProxyLogon vulnerabilities.




SECURITY
Hackers hide credit card data from compromised stores in JPG file bleepingcomputer.com

Hackers have come up with a sneaky method to steal payment card data from compromised online stores that reduces the suspicious traffic footprint and helps them evade detection.

 

SECURITY
Malware hidden in game cheats and mods used to target gamers bleepingcomputer.com
Threat actors target gamers with backdoored game tweaks, patches, and cheats hiding malware capable of stealing information from infected systems.

 

Huge Zoom flaw lets hackers completely take over your Mac or PC tomsguide.com | Today

There's a brand-new flaw in Zoom that lets a hacker completely take over your PC or Mac while you just sit by and watch — but so far, only a handful of people know how it works.

Two of those people are Dutch security researchers Daan Keuper and Thijs Alkemade, who demonstrated a working exploit of the security flaw yesterday (April 7) as part of the twice-yearly Pwn2Own hacking competition.

What you can do
If you want to play it safe for now, then use the Zoom browser interface instead of the Zoom desktop client. (Zoom will nudge you to install the desktop app when joining a meeting online, but you can ignore that.)

The Pwn2Own competition, now run by Trend Micro's Zero Day Initiative team, has been running since 2007.

White-hat hackers are given stock machines and software, all fully patched, and must demonstrate their exploits in real-time before a live audience. Winners must share their methods privately with the developers of the software they've hacked.


SECURITY
Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall bleepingcomputer.com

Contestants hacked Microsoft's Windows 10 OS twice during the second day of the Pwn2Own 2021 competition, together with the Google Chrome web browser and the Zoom video communication platform....


Data leak: 500 million LinkedIn user data for sale in underground forum borncity.de Posted on 2021-04-07

​

New data leak – in an underground forum, the user data of 500 million LinkedIn users is being offered for sale. A hacker has probably extracted them from the social network belonging to Microsoft and has already published two million user records as proof that the data is real.


Facebook will not notify the 500 million users affected by the latest data breach neowin.com · 2 hours ago

Facebook has acknowledged the latest data breach, but the company has confirmed that it won't notify users who were affected by the breach because it's not sure which users would need to be notified.

The silver lining here is that Troy Hunt managed to secure the database and he made it available to everyone. This way users can check if their personal details were leaked in the latest Facebook breach. Hunt also managed to secure the list of phone numbers that were leaked in the breach, giving users an easy way of checking if their phone numbers were leaked. You can take a look at our guide on how to check if your personal information was leaked during the breach. The Irish Data Protection Commission (DPC) has also taken note of the latest breach and is reviewing the details of the hack.

 

"Dutch supermarkets run out of cheese after ransomware attack"

- Last week, Bakker Logistiek suffered a ransomware attack that encrypted devices on their network and disrupted food transportation and fulfillment operations.

- "And in our warehouses we no longer knew where products were. These are very large warehouses, you don't just go looking for a pallet. We also couldn't plan our transports anymore. We have hundreds of trucks, which was not done by hand either."

- This disruption led to a shortage of certain food products, especially cheese, at the Netherland's largest supermarket chain, Albert Heijn.

https://www.bleepingcomputer.com/ne...ts-run-out-of-cheese-after-ransomware-attack/

---

That's hitting below the belt!

 

"NVIDIA releases Morpheus framework to detect security threats"

- NVIDIA has announced the release of its Morpheus framework that uses AI to detect and prevent security threats.

- It can detect leaks of unencrypted sensitive data, phishing attacks, and malware

- When used along with BlueField DPUs, it enables every compute node in a network to be used as a security sensor.

https://www.itopstimes.com/itops/nvidia-releases-morpheus-framework-to-detect-security-threats/

---

Green Goblin delving into AI Security nodes. Interesting!