Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about cloud-based security camera startup Verkada’s major breach where hackers gained access to over 150,000 cameras. Also, learn about an intrusion dubbed Earth Vetala that is targeting organizations in the Middle East.
Verkada, a Silicon Valley security startup that provides cloud-based security camera services, has suffered a major security breach. Hackers gained access to over 150,000 of the company’s cameras, including cameras in Tesla factories and warehouses, Cloudflare offices, Equinox gyms, hospitals, jails, schools, police stations and Verkada’s own offices.
Trend Micro researchers recently detected activity suspected to be from MuddyWater. This intrusion, dubbed Earth Vetala, used spear phishing emails with embedded links to a legitimate file-sharing service to distribute their malicious package. Trend Micro researchers have observed the campaign targeting various organizations in the Middle East and neighboring regions.
What, if anything, can stop the SolarWinds attacks of the future? The shining hope is a trend called "extended detection and response," known as XDR. It is cybersecurity's next big thing, fueling big acquisitions and big revenue – and big hopes that it can stop the biggest future attacks. In this article, Trend Micro’s Greg Young shares his thoughts on the power of XDR.
The 5G Automotive Association (5GAA), a cross-industry organization of companies from automotive, technology, and telecommunications industries, presented the latest interoperability applications for connected vehicles during its online session at the GSMA Mobile World Congress 2021. The presentation offered a full overview of connected mobility through C-V2X and how it energizes China’s connected automotive revolution.
This month’s Patch Tuesday update from Microsoft features nearly a hundred fixes, almost doubling last month’s total. The list includes patches already released for the Microsoft Exchange Server zero-day flaws attributed to Hafnium attacks. Out of 89 patches released, 14 were rated Critical while the rest were deemed Important and 15 of them were reported by the Zero Day Initiative (ZDI).
A developer published via GitHub a proof-of-concept (POC) ransomware program featuring strong compatibility with the post-exploitation tool Cobalt Strike, open-source coding, and extensionless encryption. The author claims the program, dubbed Povlsomware, is designed to be an educational tool for testing anti-virus protections; however, it’s possible that cybercriminals could adopt and modify the code in order to launch their own attacks.
Rarely do cyber-espionage campaigns appear on the scale of the current Microsoft Exchange Server situation. Four vulnerabilities were exploited by a state-backed threat group linked to China, according to Microsoft. Applying the available patches should be a top priority and anyone with an Exchange server needs to take investigative steps to check for signs of compromise.
Nations around the world are racing to acquire COVID-19 vaccines and assemble digital infrastructure and web applications to enable appointment booking. As they do this, Imperva Research Labs has monitored a staggering 372% increase in healthcare bot traffic globally since September 2020.
The internet of things (IoT) has created a new domain for botnet developers to compete and thrive in. They already battle one another for devices while their victims contend with persisting infections. The involvement of P2P technology in IoT botnets can transform them into stronger threats that organizations and users need to watch out for.
A dangerous Android malware called Flubot has already infected more than 60,000 devices and aims at stealing the banking data of its victims. Now, researchers have identified ten apps that were infected with not one, but two nasty pieces of Android banking trojan on the Google Play Store. It was confirmed by Google on February 9 that all the apps had been removed from Google Play.
What are your thoughts on the Microsoft Exchange server hack? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.