Security daily (22-02-2021)

SolarWinds CEO talks hack, remaining questions before Capitol Hill hearings

The chief executive of SolarWinds on Monday said his company is still seeking a fuller understanding of the scope of the hack on its Orion software — and laying the groundwork for what SolarWinds, as well as the federal government, should be doing next. “What we are… still learning is the breadth and depth of the sophistication of the attackers, number one,” Sudhakar Ramakrishna said at a Center for Strategic and International Studies online event where he noted that the company’s investigation into what happened is ongoing. “Number two is the patience with which they carried out these attacks, and obviously the persistence,” he said, citing as an example that the hackers appeared to use earlier versions of Orion code as a test bed for their eventual attack. Ramakrishna took over as CEO weeks after news about the hack of SolarWinds’ updates to its Orion software had become public. The […] (CyberScoop)

FireEye IDs hacking group suspected in Accellion, Kroger breach

Security investigators have identified the hacking group suspected to be behind a data breach of an IT firm that has affected a number of corporations, law firms and other organizations in recent months. Accellion, a software firm that provides file transfer services to more than 3,000 clients, on Monday said that UNC2546, a “criminal” attacker, had exploited multiple vulnerabilities in Accellion software to install malware. The group appeared to infiltrate an Accellion tool to gather information from Accellion clients, then contact victims, threatening to publish their stolen data. Mandiant, the incident response arm of the security vendor FireEye, made the determination that UNC2546 was behind the incident. The breach at Accellion, uncovered on Dec. 23, involved an attacker leveraging a zero-day vulnerability to break into the Palo Alto-based cloud company’s secure file transfer application, or FTA. “The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, […] (CyberScoop)

Chinese hackers stole another NSA-linked hacking tool, research finds

The U.S. intelligence community was rocked in 2017 when a group of mysterious hackers known as the Shadow Brokers leaked a trove of National Security Agency hacking tools for public consumption. The exact identity of the leakers remains unknown to this day. According to a growing body of security research, though, hackers with suspected links to the Chinese government may have had access to some of the same tools before they were published, and the Shadow Brokers may not be the only thieves the U.S. intelligence community has to worry about. According to new research from Israeli security firm Check Point published Monday, a group of Chinese hackers known as APT31 appear to have copied an exploit developed by Equation Group, a hacking group broadly believed to be associated with the NSA, more than two years before the Shadow Brokers leaked the trove of NSA tools. The exploit, which Check […] (CyberScoop)

Nvidia announces official “anti-cryptomining” software drivers

"It's a DoS, Jim, but not as we know it." (Naked Security)

Naked Security Live – How to calculate important things using a computer

Here's the latest Naked Security Live talk - watch now! (Naked Security)

Hunting For Bugs In Telegram's Animated Stickers Remote Attack Surface

(News ≈ Packet Storm)

Chinese Spyware Code Was Copied From America's NSA

(News ≈ Packet Storm)

Parents Alerted To NurseryCam Security Breach

(News ≈ Packet Storm)

Python Hurries Out Update To Tackle Remote Code Execution Vulnerability

(News ≈ Packet Storm)

New Malware Found On 30,000 Macs Has Security Pros Stumped

(News ≈ Packet Storm)

Apple Is Going To Make It Harder To Hack iPhones With Zero-Click Attacks

(News ≈ Packet Storm)

TDoS Attacks Take Aim at Emergency First-Responder Services

The FBI has warned that telephony denial-of-service attacks are taking aim at emergency dispatch centers, which could make it impossible to call for police, fire or ambulance services. (Threatpost)

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report

APT31, a Chinese-affiliated threat group, copied a Microsoft Windows exploit previously used by the Equation Group, said researchers. (Threatpost)

Assume Clubhouse Conversations Are Being Recorded, Researchers Warn

Two breaches of the audio-based social media app reinforce privacy, security concerns. (Threatpost)

Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11

The threat actors stole data and used Clop's leaks site to demand money in an extortion scheme, though no ransomware was deployed. (Threatpost)


/security-daily/ 23-02-2021 23:44:24