Ubiquiti: Change Your Password, Enable 2FA

Credit to Author: BrianKrebs| Date: Mon, 11 Jan 2021 21:33:26 +0000

Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear.

Sealed U.S. Court Records Exposed in SolarWinds Breach

Credit to Author: BrianKrebs| Date: Thu, 07 Jan 2021 23:48:25 +0000

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts.

VMware Flaw a Vector in SolarWinds Breach?

Credit to Author: BrianKrebs| Date: Fri, 18 Dec 2020 18:33:13 +0000

U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware, which the U.S. National Security Agency (NSA) warned on Dec. 7 was being used by Russian hackers to impersonate authorized users on victim networks.

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Credit to Author: BrianKrebs| Date: Wed, 16 Dec 2020 18:37:47 +0000

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.

SolarWinds Hack Could Affect 18K Customers

Credit to Author: BrianKrebs| Date: Tue, 15 Dec 2020 17:41:37 +0000

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by the intruders to control infected systems.

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Credit to Author: BrianKrebs| Date: Mon, 14 Dec 2020 16:26:43 +0000

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company’s customer base, experts say the incident may be just the first of many such disclosures.

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Credit to Author: BrianKrebs| Date: Thu, 10 Dec 2020 17:45:36 +0000

Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.
