Arjun Kharpal reports: A Chinese state-sponsored hacking group successfully compromised the computer networks of at least six U.S. state governments between May 2021 and February this year, according to research published by cybersecurity firm Mandiant on Tuesday. The group, known as APT41, allegedly exploited vulnerabilities in web applications to get their initial foothold into state government networks, Mandiant said….
Category: Commentaries and Analyses
“Alexa, hack yourself” – researchers describe new exploit that turns smart speakers against themselves
Graham Cluley reports: Researchers have discovered a novel way of exploiting Amazon Echo smart speakers to perform commands. They get the Amazon Echo speaker to say the commands to itself. In a technical paper, researchers from London’s Royal Holloway University in London and the University of Catania in Italy describe their findings, which exploit how an…
Cloudflare, CrowdStrike, and Ping Identity Join Forces to Strengthen U.S. Cybersecurity in Light Of Increased Cyber Threats
They deserve good press for this — here’s their full press release from today:
Cloudflare, CrowdStrike, and Ping Identity Join Forces to Strengthen U.S. Cybersecurity in Light Of Increased Cyber Threats
The Critical Infrastructure Defense Project will provide comprehensive, no-cost cyber protections for U.S. hospitals and water and power utilities
SAN FRANCISCO — March…
The Puerto Rican Organization to Motivate, Enlighten, and Serve Addicts (PROMESA) discloses 2020 data breach
Is there anyone who thinks this timeline/delay to notification is just fine? On July 17, 2020, Acacia determined that an unauthorized person gained access to certain employee email accounts for a limited time between June 6, 2020 and June 12, 2020. Their investigation was inconclusive as to whether anyone accessed the emails and attachments in…
PA lawmaker wants state to review entire process that led to company’s contact tracing data breach
Rick Earle reports: A state lawmaker has requested the auditor general review the entire process that led to the awarding of that $30 million contract with Insight Global to do contact tracking in Pennsylvania. State Rep. Jason Ortitay, a Republican from Bridgeville, told Target 11 Investigator Rick Earle that this may be the only way…
The Tel Aviv company paid millions to stop cyber criminals
Ofir Dor reports: In early 2021, a team from Sygnia was called in to deal with an intrusion into the systems of a US technology company that develops and manufactures Wi-Fi equipment, and that has a $15 billion market cap. The company received an anonymous email demanding a ransom payment of 50 Bitcoins (about $1.9…