Security daily (08-03-2021)

Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

The Accellion hack has claimed another victim, this time a financial firm that boasts it’s the second-largest savings bank in the United States. Michigan-based Flagstar Bank recently began notifying affected customers that on Jan. 22, Accellion, an IT provider, relayed that a vulnerability in its file sharing platform had affected Flagstar. The software flaw has led to breaches at firms around the world, with hackers exploiting the Accellion vulnerability to victimize grocery chain Kroger, cybersecurity company Qualys, the Reserve Bank of New Zealand, the state of Washington, prominent law firm Jones Day (which counts former President Donald Trump among its clients) and perhaps others. “Unfortunately, we have learned that the unauthorized party was able to access some of Flagstar’s information on the Accellion platform and that we are one of numerous Accellion clients who were impacted,” Flagstar said in a notice on its website. The Clop ransomware gang, alternately known […] (CyberScoop)

China-linked hackers exploited SolarWinds software in 2020 breach, researchers say

Suspected Chinese spies exploited popular enterprise software built by SolarWinds in a hacking operation last year, Dell-owned Secureworks said Monday, a conclusion that follows news that Russian hackers also leveraged SolarWinds technology. The suspected Chinese attackers had access to an unnamed private sector organization as early as 2018. Upon being evicted by incident responders, the hackers broke back into the organization in November 2020 by exploiting SolarWinds software, according to Secureworks. The findings underscore the premium that multiple sets of foreign operatives have apparently put on accessing valuable organizational data held by the SolarWinds Orion network monitoring software. The disclosure comes as U.S. organizations are also coping with another suspected Chinese spying operation that exploits Microsoft Exchange Server software to steal organizations’ emails. In both the suspected Russian and Chinese schemes involving SolarWinds, the attackers wrote malicious code tailored to exploit the Orion platform and sift through data stored on […] (CyberScoop)

Spanish cops arrest four in 'FluBot' text hacking scheme

Police in Barcelona have arrested four hackers suspected to be behind a massive criminal scheme which has targeted tens of thousands of victims with malicious links impersonating banks in order to steal victims’ credentials and money. In the raid, which took place March 2, the police collected laptops, cash, documents, and other high-end mobile devices, the Criminal Investigation Division of the Barcelona Metropolitan Police Region said in an announcement. The scammers’ plot included sending bad links through SMS messages to victims, which, if clicked, would direct targets to fake pages imitating banking pages or mobile operators, where the hackers would then steal victims’ credentials and duplicate the victims’ SIM cards to take control of the victims’ phones, according to the release. The attacker-controlled sites were hosted on servers located in the Cayman Islands, according to law enforcement. The hackers would then make fraudulent money transfers with their newfound access and […] (CyberScoop)

Naked Security Live – ICU: How much do your home-working photos give away?

I see you/And what you do - So be aware/Before you share - And if in doubt/Don't give it out! (Naked Security)

Supernova Malware Links Chinese Group To SolarWinds Hack

(News ≈ Packet Storm)

Tens Of Thousands Of Orgs Hit In Ongoing Exchange Hack

(News ≈ Packet Storm)

Intel, DoD Start Sprint To Make Homomorphic Encryption Ready For Real

(News ≈ Packet Storm)

European Banking Authority Hit By Microsoft Exchange Hack

(News ≈ Packet Storm)

Newest Intel Side-Channel Attack Sniffs Out Sensitive Data

A new side-channel attack takes aim at Intel's CPU ring interconnect in order to glean sensitive data. (Threatpost)

Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices

Researchers warn two critical bugs impacting multiple QNAP firmware versions are under active attack. (Threatpost)

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

A phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system. (Threatpost)


/security-daily/ 09-03-2021 23:44:24