This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we speak to Point3 Security chief strategist Chloé Messdaghi, HaveIBeenPwned founder Troy Hunt, and We Hack Purple founder and CEO Tanya Janca about security fatigue.
Digital attackers are increasingly launching sophisticated campaigns in an effort to target U.S. federal agencies and other organizations. Two recent examples demonstrate this reality. These are the SolarWinds supply chain attack and the HAFNIUM Exchange exploit campaign.
Natanz has been targeted by sabotage in the past. The Stuxnet computer virus, discovered in 2010 and widely believed to be a joint U.S.-Israeli creation, once disrupted and destroyed Iranian centrifuges at Natanz amid an earlier period of Western fears about Tehran’s program. Natanz suffered a mysterious explosion at its advanced centrifuge assembly plant in July that authorities later described as sabotage. Iran now is rebuilding that facility deep inside a nearby mountain. Iran also blamed Israel for the November killing of a scientist who began the country’s military nuclear program decades earlier.
Enterprises, big and small, often need a high grade of endpoint security to comply with industry regulations, client requirements, or simply to prevent disruption to the business and protect internal sensitive information from falling into the wrong hands.
In an update offering further insight into the root cause of the late March attack, the team says because it’s possible the master.php.net user database was exposed, master.php.net has been moved to main.php.net. The team also reset php.net passwords, and you can visit https://main.php.net/forgot.php to set a new password. In addition, git.php.net and svn.php.net are both read-only now.
The attacker triggers a 12-hour freeze on new verification codes being sent to your phone — then simply reports that same phone number as a lost/stolen phone needing deactivation. There are apparently no follow-up questions, and “an automated process has been triggered, without your knowledge, and your account will now be deactivated,” Forbes writes.
Cyber Threats to Physical Systems are Increasing in Sophistication and Volume
The recent growth in cyber-attacks against operational technology (OT) systems is unprecedented.
Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy.
One thing I did not expect to see in 2021 is a lot of people complaining about how difficult their SIEM is to operate.
Protesters in Myanmar, who asked to stay anonymous, told Reuters they were terrified about being shut off from the world, with no way to broadcast news of the protests or of the army’s killings to those outside of Myanmar. “We Myanmar people are in the dark now,” said one young protester. “News from Myanmar is going to disappear,” another added. Governments around the world are increasingly using internet restrictions during political crises as a tool to limit free expression and hide human rights abuses, according to data from the digital rights organization Access Now. The U.N. Human Rights Council has condemned such intentional disruptions as a human rights violation. “Whenever the internet is shut down during such critical moments we would hear or document or see reports of human rights abuses, and that is what is happening in Myanmar,” said Felicia Anthonio, a campaigner with Access Now. “The government is cracking down on protesters to ensure they do not let the rest of the world know what is happening.” Since the coup, the junta has ordered telecom companies to carry out dozens of shutdowns. These shutdowns targeted mobile and wireless internet, which is the only available internet for most in the country.
Written by Tim Starks
It seems as if news of another malware or ransomware attack surfaces every day. From the ransomware attack against defense contractor CPI to an Emotet campaign impersonating the Democratic National Committee, 2020 was booming with malware and ransomware incidents. Unfortunately, sophisticated and devastating malware and ransomware attacks will likely increase throughout 2021 as threat actors continue to capitalize on global affairs.
It’s not just corporations, government entities, and technology companies that are being targeted for cyberattacks. School districts are also on the list of prey for cybercriminals, and Austin ISD became one of the latest victims of a hack caused by third-party remote access.
In a statement to Tom’s Guide, Zoom thanked the Computest researchers and said the company was “working to mitigate this issue with respect to Zoom Chat.” In-session Zoom Meetings and Zoom Video Webinars are not affected. “The attack must also originate from an accepted external contact or be a part of the target’s same organizational account,” Zoom added. “As a best practice, Zoom recommends that all users only accept contact requests from individuals they know and trust.”
As the old security adage goes, “a well-managed network/system is a secure network/system,” and this notion of network and system management is a cybersecurity foundation. Pick any framework (e.g., NIST Cybersecurity Framework), international standard (e.g., ISO 27000), best practice (e.g., CIS 20 Critical Controls) or professional certification (e.g., CISSP), and many of the guidelines presented will be about security hygiene and posture management.
Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet.