NSA issued an advisory that hackers were exploiting VMWare’s and SolarWinds’ Orion vulnerabilities to perform federated login and execute attacks as part of SolarWinds hack.
Staff Correspondent at CPO Magazine
Alicia Hope has been a journalist for more than 5 years, reporting on technology, cyber security and data privacy news.
Microsoft detected a second hacking team targeting Orion software and running its campaign parallel to the Russian hacking group; SolarWinds acknowledges the threat.
Recent SEC filing disclosed that 18,000 customers installed the SolarWinds backdoor while Microsoft said that it alerted 40 customers targeted by the Russian state-sponsored hackers.
Security researchers discovered 33 vulnerabilities in millions of devices using four popular open-source libraries. The bugs allow attacks, including remote code execution and DDoS.
Nation-state hackers with suspected links to Russia were behind the security breach at FireEye. The attackers stole Red Team tools and searched for government customer information.
DoppelPaymer ransomware gang demanded Bitcoins worth about $34 million to unlock Foxconn's data encrypted in a ransomware attack that stole 100 GB of data and encrypted 1,200 servers.
Clop Ransomware gang encrypted South Korean Retail Operator E-Land after secretly stealing 2 million credit card details for more than a year using a stealth POS malware.
Brazil's Ministry of Health website data leak exposed medical records of 243 million living and deceased Brazilians after database access credentials were saved in the source code.
A hacker on a Russian-speaking forum is selling hundreds of business executives' email and password combinations for Office 365 and Microsoft accounts for use in BEC scams.
Researchers from Palo Alto Networks discovered data leak from Baidu and other apps that could allow user tracking across devices for a lifetime. Over 6 million users in the United States were affected.
