Security daily (08-05-2021)

Cyberattack disrupts Colonial Pipeline, which transports 100 million gallons of fuel daily

A cyberattack has temporarily halted operations at Colonial Pipeline, the largest pipeline system for moving gas and diesel products in the U.S., the company said Friday. Colonial Pipeline, which delivers more than 100 million gallons of fuel daily to customers from Texas to New York, said that after learning of the incident on Friday that it “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations and affected some of our IT systems.” It was unclear at press time Saturday morning who was responsible for the digital intrusion or how long the company’s pipeline operations would be halted. A Colonial Pipeline spokesperson declined to comment beyond the company’s statement. The Department of Homeland Security’s cybersecurity agency said that ransomware was the cause of the incident in a statement Saturday afternoon. “This underscores the threat that ransomware poses to organizations regardless of size or sector,” […] The post Cyberattack disrupts Colonial Pipeline, which transports 100 million gallons of fuel daily appeared first on CyberScoop. (CyberScoop)

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service (SVR) have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. "SVR cyber operators appear to have reacted [...] by changing their TTPs in an attempt to avoid further detection and (The Hacker News)

4 Major Privacy and Security Updates From Google You Should Know About

Google has announced a number of user-facing and under-the-hood changes in an attempt to boost privacy and security, including rolling out two-factor authentication automatically to all eligible users and bringing iOS-styled privacy labels to Android app listings. "Today we ask people who have enrolled in two-step verification (2SV) to confirm it's really them with a simple tap via a Google (The Hacker News)

New TsuNAME Flaw Could Let Attackers Take Down Authoritative DNS Servers

Security researchers Thursday disclosed a new critical vulnerability affecting Domain Name System (DNS) resolvers that could be exploited by adversaries to carry out reflection-based denial-of-service attacks against authoritative nameservers. The flaw, called 'TsuNAME,' was discovered by researchers from SIDN Labs and InternetNZ, which manage the national top-level internet domains '.nl' and '. (The Hacker News)

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices

Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm's mobile station modems (MSM) that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected. "If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and (The Hacker News)

ALERT — New 21Nails Exim Bugs Expose Millions of Email Servers to Hacking

The maintainers of Exim have released patches to remediate as many as 21 security vulnerabilities in its software that could enable unauthenticated attackers to achieve complete remote code execution and gain root privileges. Collectively named '21Nails,' the flaws include 11 vulnerabilities that require local access to the server and 10 other weaknesses that could be exploited remotely. The (The Hacker News)

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

Researchers on Tuesday disclosed a novel malware that uses a variety of tricks to stay under the radar and evade detection, while stealthily capable of executing arbitrary commands on infected systems. Called 'Pingback,' the Windows malware leverages Internet Control Message Protocol (ICMP) tunneling for covert bot communications, allowing the adversary to utilize ICMP packets to piggyback (The Hacker News)

Major U.S. Pipeline Crippled in Ransomware Attack

Colonial Pipeline Company says it is the victim of a cyberattack that forced the major provider of liquid fuels to the East Coast to temporarily halted all pipeline operations. (Threatpost)


/security-daily/ 09-05-2021 23:44:22