Weekly News Wrap-up
Cybersecurity News: March 8, 2021
Microsoft links new malware to SolarWinds hackers
SC Magazine, Joe Uchill
“These capabilities differ from previously known Nobelium tools and attack patterns, and reiterate the actor’s sophistication. In all stages of the attack, the actor demonstrated a deep knowledge of software tools, deployments, security software and systems common in networks, and techniques frequently used by incident response teams.” Read More
More Details Emerge on the Microsoft Exchange Server Attacks
DarkReading, Kelly Sheridan
“This attack has been a series of exploiting recent CVEs and using loud, overt tradecraft, which is surprising. But considering they have sprayed this all over the Internet, they clearly don’t care about being stealthy.” Read More
Malaysia Airlines discloses a nine-year-long data breach
Bleeping Computer, Lawrence Abrams
“The member information exposed during the data breach includes member names, contact information, date of birth, gender, frequent flyer number, status. and rewards tier level. The exposed data did not include Enrich member’s itineraries, reservations, ticketing, or any ID card or payment card information.” Read More
Universal Health Services Suffered $67 Million Loss Due to Ransomware Attack
DarkReading
“The disruption caused by the attack prompted UHS staff to divert ambulance traffic and elective/scheduled procedures at UHS acute care hospitals to competitor facilities during the recovery time, which UHS said affected its finances.” Read More
Congress confronts US cybersecurity weaknesses in wake of SolarWinds hacking campaign
CNET, Laura Hautala, Rae Hodge
“Whether it’s a lack of cybersecurity personnel, poor communication between private companies and the federal government, or the absence of global standards for acceptable espionage hacking, longstanding issues all came into play.” Read More
Cybersecurity News: March 1, 2021
Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab Studying Covid-19
Forbes, Thomas Brewster
“As the attackers were selling access, it suggests it was probably not a nation-state but a group who thought nation-states or those working on valuable intellectual property might pay for.” Read More
Ukraine says Russia hacked its document portal and planted malicious files
Ars Technica, Dan Goodin
“The malicious documents contained a macro that secretly downloaded a program to remotely control a computer when opening the files.” Read More
SolarWinds not the only company used to hack targets, tech execs say at hearing
CNET, Laura Hautala
“Still unknown is whether the hackers carried out similar attacks on software vendors other than SolarWinds, creating more than one back door for their victims to unwittingly install on their own systems. Smith said we may never know the exact number of attack vectors hackers used to access victims’ systems.” Read More
Microsoft Exchange Server attacks: ‘They’re being hacked faster than we can count’, says security company
IT Pro, Rene Millman
“…the closure of North Korea’s border with China to mitigate COVID-19’s spread, along with severe typhoons and floods that acutely decreased agricultural yield, to be key factors in the potential increase of cyber crime.” Read More
New malware found on 30,000 Macs has security pros stumped
Ars Technica, Dan Goodin
“The malware has been found in 153 countries with detections concentrated in the US, UK, Canada, France, and Germany. Its use of Amazon Web Services and the Akamai content delivery network ensures the command infrastructure works reliably and also makes blocking the servers harder.” Read More
