Microsoft Patches 4 Additional Exchange Flaws

Doug Olenick • April 13, 2021

Microsoft issued patches for its on-premises Exchange Server software, addressing four new critical vulnerabilities discovered by the National Security Agency. A zero-day vulnerability in Desktop Window Manager was also disclosed and patched.

Cybercrime

Ziggy Ransomware Gang Offers Victims Ransom Refunds

Latest

Cyberwarfare / Nation-State Attacks

Former DHS Leader Shares Details on SolarWinds Attack

Scott Ferguson • April 13, 2021

Chad Wolf, the former acting secretary for the Department of Homeland Security, has confirmed the accuracy of an earlier news report saying that the SolarWinds supply chain attackers gained access to his unclassified DHS email accounts, which included calendar details.

Cyberwarfare / Nation-State Attacks

Intelligence Report: 4 Nations Pose Serious Cyberthreat to US

Scott Ferguson • April 13, 2021

China, Russia, North Korea and Iran continue to pose significant cybersecurity threats to the U.S. because each is capable of launching disruptive attacks, according to a report published Tuesday by the Office of the Director of National Intelligence.

3rd Party Risk Management

Modern Bank Heists: Attackers Go Beyond Account Takeover

Tom Field • April 13, 2021

Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the new Modern Bank Heists report authored by Tom Kellermann at VMware Carbon Black.

Breach Notification

Cyberattacks on Health Insurers Continue

Marianne Kolbasuk McGee • April 13, 2021

A recent cyberattack on a Washington-based health plan, which the company believes was carried out by a foreign cybercrime group, is the latest in a series of hacking incidents targeting health insurers.

DDoS Protection

Millions of Devices Potentially Vulnerable to DNS Flaws

Doug Olenick • April 13, 2021

Forescout Research Labs and the Israeli security firm JSOF have found nine Domain Name System vulnerabilities affecting four TCP/IP stacks that, if exploited, could lead to remote code execution or denial-of-service attacks - potentially on millions of devices.

Anti-Phishing, DMARC

A Tale of 3 Data 'Leaks': Clubhouse, LinkedIn, Facebook

Jeremy Kirk , Mathew J. Schwartz • April 13, 2021

Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.

Cybercrime

Texas Man Charged With Planning to Bomb AWS Data Center

Scott Ferguson • April 12, 2021

A Texas man is facing a federal charge after he allegedly tried to buy explosives from an undercover FBI agent to bomb an AWS data center in Virginia, according to the Justice Department. The suspect believed the bombing could interrupt 70% of internet traffic, prosecutors say.

Artificial Intelligence & Machine Learning

Microsoft to Buy Nuance Communications for $19.7 Billion

Marianne Kolbasuk McGee • April 12, 2021

Microsoft Corp. on Monday announced it will acquire cloud-based speech technology and artificial intelligence vendor Nuance Communications in an all-cash transaction valued at $19.7 billion. The deal is expected to close by the end of this year.

Cyberwarfare / Nation-State Attacks

Iranian Nuclear Site Shut Down by Apparent Cyberattack

Prajeet Nair • April 12, 2021

Israeli public media outlet Kan, citing intelligence sources, says an Israeli government cyberattack was responsible for the shutdown of an Iranian nuclear power facility on Sunday in what Iran describes as an act of "sabotage."

3rd Party Risk Management

Biden Seeks to Boost CISA's Budget by $110 Million

Akshaya Asokan • April 11, 2021

President Joe Biden is asking Congress to boost CISA's budget by $110 million to help enable the agency to address a range of cybersecurity issues following several high-profile incidents in the past six months.

Account Takeover Fraud

Visa Describes New Skimming Attack Tactics

Doug Olenick • April 9, 2021

Visa's Payment Fraud Disruption team reports that cybercriminals are increasingly using web shells to establish command and control over a retailers' servers during payment card skimming attacks.

Cyberwarfare / Nation-State Attacks

US Blacklists 7 Chinese Supercomputer Entities

Scott Ferguson • April 9, 2021

Citing national security concerns, the U.S. Commerce Department has placed seven Chinese supercomputer organizations on the Entity List, which effectively bars them from receiving supplies or components from U.S. companies.