Tara Seals reports: CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs. A critical zero-day security vulnerability in Pulse Secure VPN devices has been exploited by nation-state actors to launch cyberattacks against U.S. defense, finance and government targets, as…
Category: Commentaries and Analyses
Palestinian Hackers Tricked Victims Into Installing iOS Spyware
Lily Hay Newman reports: Hacking activity in the Gaza Strip and West Bank has ramped up in recent years as rival Palestinian political parties spar with each other, the Israeli-Palestinian conflict continues, and Palestinian hackers increasingly establish themselves on the global stage. Now, Facebook has uncovered two digital espionage campaigns out of Palestine, active in 2019 and 2020, that…
Ca: Court approves data breach settlements with BMO, CIBC
James Langton reports: An Ontario court has approved proposed class action settlements with Bank of Montreal (BMO) and CIBC over cybersecurity breaches involving thousands of clients. The Superior Court of Justice endorsed settlements and distribution plans designed to resolve lawsuits against the banks stemming from a data theft that affected more than 10,000 clients of…
Kansas Department of Labor looking into possible data breach
Caroline Elliott reports: A KWCH investigation in February helped to launch a Kansas Department of Labor investigation after the investigation discovered a way to use social security numbers on the KDOL website to pull up anyone’s personal information. Eyewitness News reporter Caroline Elliott has been looking into the issue for months and Tuesday, April 20, Eyewitness…
Logins for 1.3 million Windows RDP servers collected from hacker market
Lawrence Abrams reports: The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials. With this massive leak of compromised remote access credentials, researchers, for the first time, get a glimpse into a bustling cybercrime economy and…
Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices
Lawrence Abrams reports: A massive ransomware campaign targeting QNAP devices worldwide is underway, and users are finding their files now stored in password-protected 7zip archives. The ransomware is called Qlocker and began targeting QNAP devices on April 19th, 2021. Since then, there has been an enormous amount of activity in our support forum, and ID-Ransomware…