US Issues Warning After Microsoft Says China Hacked Its Mail Server Program

An anonymous reader quotes a report from NBC News: The U.S. has issued an emergency warning after Microsoft said it caught China hacking into its mail and calendar server program, called Exchange. The perpetrator, Microsoft said in a blog post, is a hacker group that the company has “high confidence” is working for the Chinese government and primarily spies on American…

Introducing CrowdSec: a Modernized, Collaborative Massively Multiplayer Firewall

Slashdot reader b-dayyy writes: CrowdSec is a massively multiplayer firewall designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent. It was inspired by Fail2Ban and aims to be a modernized, collaborative version of that intrusion-prevention tool. CrowdSec is free and open-source (under an MIT License), with the source code available on GitHub….

US Says Saudi Prince Approved Journalist Khashoggi Killing

A US intelligence report has found that Saudi Crown Prince Mohammed bin Salman approved the murder of exiled journalist Jamal Khashoggi in 2018. BBC: The declassified report released by the Biden administration says the prince approved a plan to either capture or kill the US-based Saudi exile. It is the first time America has publicly named the crown prince, who denies…

CD Projekt Ransomware Hack Severely Disrupts Work on Cyberpunk Updates

CD Projekt SA said Wednesday it will delay a promised update to the much-criticized role-playing game Cyberpunk 2077, pinning the blame for its slow progress on a recent security breach. From a report: What the Polish publisher didn’t say is that most of its employees have been locked out of their workstations for the past two weeks, according to people familiar…

Apple Is Going To Make It Harder to Hack iPhones With Zero-Click Attacks

Apple is going to make one of the most powerful types of attacks on iPhones much harder to pull off in an upcoming update of iOS. From a report: The company quietly made a new change in the way it secures the code running in its mobile operating system. The change is in the beta version of the next iOS version,…

Suspected Russian Hackers Used US Networks, Official Says

A sprawling cyber-attack that compromised popular software created by Texas-based SolarWinds was executed from within the U.S., a top White House official said, though the government believes Russia was responsible. From a report: The federal investigation of the hack will take several months, Deputy National Security Advisor Anne Neuberger said in a briefing for reporters on Wednesday. “As of today, nine…

SolarWinds Hack Was ‘Largest and Most Sophisticated Attack’ Ever, Microsoft President Says

A hacking campaign that used a U.S. tech company as a springboard to compromise a raft of U.S. government agencies is “the largest and most sophisticated attack the world has ever seen,” Microsoft Corp President Brad Smith said. From a report: The operation, which was identified in December and that the U.S. government has said was likely orchestrated by Russia, breached…

The Long Hack: How China Exploited a U.S. Tech Supplier

Supermicro chips and software were tampered with by Chinese operatives in the past decade, Bloomberg reported Friday, doubling down on its 2018 report that was widely disputed by several tech giants and government agencies. Today’s report says that U.S. security and defense officials knew of the hack but kept it secret in an effort to learn more about China’s hacking capabilities….

How the NSA’s Hubris Left America Vulnerable

A new book promises “the untold story of the cyberweapons market — the most secretive, invisible, government-backed market on earth — and a terrifying first look at a new kind of global warfare.” Its author — a New York Times cybersecurity reporter — shares the book’s story about David Evenden, a former National Security Agency analyst who later worked in Abu…

Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say

Investigators probing a massive hack of the U.S. government and businesses say they have found concrete evidence the suspected Russian espionage operation went far beyond the compromise of the small software vendor publicly linked to the attack. From a report: Close to a third of the victims didn’t run the SolarWinds software initially considered the main avenue of attack for the…