A fully weaponized exploit for the Spectre CPU vulnerability was uploaded on the malware-scanning website VirusTotal last month, marking the first time a working exploit capable of doing actual damage has entered the public domain. The exploit was discovered by French security researcher Julien Voisin.
When Rehoboth McKinley Christian Health Care Services in Gallup, New Mexico, was hit with a cyberattack earlier this year, the hospital's staff had to revert to pen and paper to keep things running. Publicly available details about the hack are scarce, and the hospital has declined to comment beyond confirming that the security breach briefly forced its staff off its computers.
Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used this vulnerability to access on-premises Exchange servers, which enabled access to email accounts, and install additional malware to facilitate long-term access to victim environments.
When Twitter banned Donald Trump and a slew of other far-right users in January, many of them became digital refugees, migrating to sites like Parler and Gab to find a home that wouldn't moderate their hate speech and disinformation. Days later, Parler was hacked and then dropped by Amazon web hosting, knocking the site offline.
The Trump administration referred a record number of classified leaks for criminal investigation, totaling at least 334, according to a Justice Department document obtained by The Intercept under the Freedom of Information Act.
A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast... Winner: "Best Security Podcast 2018" and "Best Security Podcast 2019."
Mon, Mar 1, 2021 Report by Winnona DeSombre, James Shires, JD Work, Robert Morgus, Patrick Howell O'Neill, Luca Allodi, and Trey Herr The proliferation of offensive cyber capabilities (OCC)-the combination of tools; vulnerabilities; and skills, including technical, organizational, and individual capacities used to conduct offensive cyber operations-presents an expanding set of risks to states and challenges commitments to protect openness, security, and stability in cyberspace.
Key senators and corporate executives warned at a hearing on Tuesday that the "scope and scale" of the hacking of government agencies and companies, the most sophisticated in history, were still unclear.
Microsoft is warning customers that a new China state-sponsored threat actor is exploiting four previously undisclosed security flaws in Exchange Server, an enterprise email product built by the software giant.