Steve Zurier

February 2, 2021

Data on 3.2 million DriveSure clients exposed on hacking forum

Hackers published data on 3.2 million users lifted from DriveSure data on the Raidforums hacking forum late last month. To prove the data’s quality, threat actor “pompompurin” detailed the leaked files and user information information in a lengthy post, according to researchers at Risk Based Security, who were the first to report the breach. The…

The post Data on 3.2 million DriveSure clients exposed on hacking forum appeared first on SC Media.

January 30, 2021

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

Some 250 servers were apparently breached by the Lebanese Cedar APT group, an organization with suspected links to the Hezbollah Cyber Unit in Lebanon. The target victims include companies from many countries, including the United States, United Kingdom, Saudi Arabia, Egypt, Jordan, Lebanon, Israel and the Palestinian Authority. Many more companies and organizations have been…

The post Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide appeared first on SC Media.

January 28, 2021

Azure Functions vulnerability proves cloud users not always in control

A newly discovered Azure Functions vulnerability lets an attacker escalate privileges and escape the Azure Functions Docker to the Docker host. After an internal assessment, Microsoft determined that the vulnerability has no security impact on Azure Functions users because the Docker host itself gets protected by a Microsoft Hyper-V boundary, according to researchers from Intezer…

The post Azure Functions vulnerability proves cloud users not always in control appeared first on SC Media.

January 27, 2021

Apple Patches Three New iOS Zero-Days

While Apple has a significant focus on making iOS secure, one researcher said increasingly complex capabilities often bring vulnerabilities.

The post Apple Patches Three New iOS Zero-Days appeared first on SC Media.

January 26, 2021

BEC attack techniques exploit Microsoft 365 messages

Attackers exploit Microsoft 365 “read receipt” and “out of office” message loopholes to evade auto-remediation of a malicious email.

The post BEC attack techniques exploit Microsoft 365 messages appeared first on SC Media.

January 26, 2021

Users of IoT products from three major vendors at risk of DDoS attacks, data leaks

Softing Industrial Automation GmbH, Kepware PTC, and Matrikon Honeywell all provided fixes for their respective products after security firm Claroty privately disclosed them during 2020.

The post Users of IoT products from three major vendors at risk of DDoS attacks, data leaks appeared first on SC Media.

January 23, 2021

In second attack DDoS group demands 5 bitcoin payment

Five Radware customers received extortion letters in December and January threatening a DDoS attack if they did not pay five bitcoin (worth about $200,000) from a group that wanted the victims to believe they were from Fancy Bear, Lazarus Group and the Armada Collective. The threat group first attacked late last summer and in the…

The post In second attack DDoS group demands 5 bitcoin payment appeared first on SC Media.

January 21, 2021

Thousands of BEC lures use Google Forms in recon campaign

Researchers say they have observed thousands of messages using Google Forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to launch future business email compromises (BECs). The attackers used Google Forms to bypass email security content filters based on keywords, according to a blog released Wednesday by Proofpoint Threat…

The post Thousands of BEC lures use Google Forms in recon campaign appeared first on SC Media.

January 21, 2021

Bot ‘FreakOut’ leverages three critical vulnerabilities to attack Linux systems

Based on the malware features, the researchers said the attackers use the compromised systems for further attacks, spreading laterally across the victim company’s network, or launching attacks on outside targets while masquerading as the compromised company.

The post Bot ‘FreakOut’ leverages three critical vulnerabilities to attack Linux systems appeared first on SC Media.