An anonymous reader quotes a report from ZDNet: Networking equipment and IoT device vendor Ubiquiti Networks has sent out today notification emails to its customers informing them of a recent security breach. “We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” Ubiquiti said in emails today. The servers stored…
Tag: malicious
Wasmer 1.0 Can Run WebAssembly ‘Universal Binaries’ on Linux, MacOS, Windows, Android, and iOS
The WebAssembly portable binary format will now have wider support from Wasmer, the server-side runtime which “allows universal binaries compiled from C++, Rust, Go, Python, and other languages to run on different operating systems and in web browsers without modification,” reports InfoWorld: Wasmer can run lightweight containers based on WebAssembly on a variety of platforms — Linux, MacOS, Windows, Android, iOS…
Sealed US Court Records Exposed In SolarWinds Breach
An anonymous reader quotes a report from Krebs On Security: The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts. The…
T-Mobile Data Breach Exposed Phone Numbers, Call Records
T-Mobile has announced a data breach exposing customers’ proprietary network information (CPNI), including phone numbers and call records. From a report: Starting this week, T-Mobile began texting customers that a “security incident” exposed their account’s information. According to T-Mobile, its security team recently discovered “malicious, unauthorized access” to their systems. After bringing in a cybersecurity firm to perform an investigation, T-Mobile…
3 Million Users Have Installed 28 Malicious Chrome or Edge Extensions, Says Avast
More than three million internet users are believed to have installed 15 Chrome, and 13 Edge extensions that contain malicious code, reports ZDNet, citing an announcement from cybersecurity company Avast: Avast researchers said they believe the primary objective of this campaign was to hijack user traffic for monetary gains. “For every redirection to a third party domain, the cybercriminals would receive…
RubyGems Catches Two Packages Trying to Steal Cryptocurrency with Clipboard Hijacking
One day after they were uploaded, RubyGems discovered and removed two malicious packages that had been designed to steal cryptocurrency from unsuspecting users by installing a clipboard hijacker, reports Bleeping Computer, citing research by open-source security firm Sonatype. Fortunately, while the packages were downloaded a total of 142 times, “At this time, none of the cryptocurrency addresses have received any funds.”…
UK Use of Software Linked To Russia-Hack Runs Deep
The little-known Texas software company that’s been attacked by suspected Russian hackers has a sprawling reach among U.K. government agencies, potentially putting clients from the National Health Service to police forces at risk. From a report: SolarWinds, which fell victim to hackers who put a “backdoor” in the software giving them access to users’ computer networks, has been deployed by the…
SolarWinds Hides List of High-Profile Customers After Devastating Hack
SolarWinds has removed a list of high-profile clients from its website in the wake of a massive breach, “suggesting the company may be trying to obscure its clients in an effort to protect them from bad publicity,” reports The Verge. From the report: The list of vulnerable companies is much smaller than SolarWinds’ overall client list, so simply appearing on the…
Academics Turn RAM Into Wi-Fi Cards To Steal Data From Air-Gapped Systems
Academics from an Israeli university have published new research today detailing a technique to convert a RAM card into an impromptu wireless emitter and transmit sensitive data from inside a non-networked air-gapped computer that has no Wi-Fi card. From a report: Named AIR-FI, the technique is the work of Mordechai Guri, the head of R&D at the Ben-Gurion University of the…
Hackers at Center of Sprawling Spy Campaign Turned SolarWinds’ Dominance Against It
An anonymous reader shares a report: On an earnings call two months ago, SolarWinds Chief Executive Kevin Thompson touted how far the company had gone during his 11 years at the helm. There was not a database or an IT deployment model out there to which his Austin, Texas-based company did not provide some level of monitoring or management, he told…