Frank Bajak of AP reports: A software vulnerability exploited in the online game Minecraft is rapidly emerging as a major threat to internet-connected devices around the world. “The internet’s on fire right now,” said Adam Meyers, senior vice president of intelligence at the cybersecurity firm Crowdstrike. “People are scrambling to patch and there are script…
Category: Commentaries and Analyses
10 countries simulate cyber attack on global financial system
Steven Scheer of Reuters reports: Israel on Thursday led a 10-country simulation of a major cyber attack on the global financial system in an attempt to increase cooperation that could help to minimise any potential damage to financial markets and banks. The simulated cyber attack evolved over 10 days, with sensitive data emerging on the…
Ie: Hackers accessed HSE system eight weeks before cyber attack
Dyane Connor reports: The cyber attackers who hacked the Health Service Executive’s IT system, had accessed the system eight weeks before it detonated the malicious software, which caused devastating disruption across healthcare services. A report by PricewaterhouseCoopers (PwC) has found there were several “missed opportunities” after a phishing email was opened allowing the attacker access…
Emotet now drops Cobalt Strike, fast forwards ransomware attacks
Lawrence Abrams reports: In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. […] Today, Emotet research group Cryptolaemus warned that Emotet is now skipping their primary malware payload of TrickBot or Qbot and directly installing Cobalt Strike beacons on infected…
Microsoft seizes control of websites used by China-backed hackers
Carly Page reports: Microsoft has seized control of a number of websites that were being used by a Chinese government-backed hacking group to target organizations in 29 countries, including the U.S. Microsoft’s Digital Crimes Unit (DCI) said on Monday that a federal court in Virginia had granted an order allowing the company to take control of the websites…
Cloud Service Provider Compromises Use CeeLoader Malware
Lindsey O’Donnell-Welch reports: A series of campaigns, with links to the threat actor behind the SolarWinds supply-chain intrusion, have been targeting cloud service providers with a new malware loader variant called CeeLoader. Researchers with Mandiant in a Monday analysis said they identified two distinct clusters of activity, UNC3004 and UNC2652, which they associate with UNC2452 (also known…