Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices
www.fireeye.com/blog/threat-research/2021/05/updates-on-chinese-apt-compromising-pulse-secure-vpn-devices.html In April, Mandiant published information about Pulse Secure devices. In this blog post they update the findings and provide recommendations to defenders.
APT hackers breached US local govt by exploiting Fortinet bugs
www.bleepingcomputer.com/news/security/fbi-apt-hackers-breached-us-local-govt-by-exploiting-fortinet-bugs/ FBI: As of at least May 2021, an APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a U.S. municipal government. FBI Flash alert:
Analysis report of the Facefish rootkit
blog.netlab.360.com/ssh_stealer_facefish_en/ In-depth analysis of a rootkit/backdoor for Linux called “Facefish” that steals SSH credentials from server and client, and can provide attackers the means to execute commands on the system.
Klarna mobile app bug let users log into other customers’ accounts
www.bleepingcomputer.com/news/security/klarna-mobile-app-bug-let-users-log-into-other-customers-accounts/ Klarna Bank suffered a severe technical issue this morning that allowed mobile app users to log into other customers’ accounts and see their stored information.
Japanese government agencies suffer data breaches after Fujitsu hack
www.bleepingcomputer.com/news/security/japanese-government-agencies-suffer-data-breaches-after-fujitsu-hack/ Offices of multiple Japanese agencies were breached via Fujitsu’s “ProjectWEB” information sharing tool. By gaining unauthorized access to government systems via ProjectWEB, attackers were able to obtain at least 76,000 e-mail addresses and proprietary information, including the e-mail system settings.
Belgium government discovered 2019 hack during Hafnium investigation
therecord.media/belgium-government-discovers-old-2019-hack-during-hafnium-investigation/ Officials found Exchange servers that were vulnerable and needed patching, but the IT staff at the Federal Public Service Interior, the country’s interior ministry, also found additional signs of compromise that dated back years, rather than months, when the first Hafnium attacks were spotted.
Cryptocurrency scam attack on Twitter reminds users to check their app connections
www.tripwire.com/state-of-security/featured/cryptocurrency-scam-attack-twitter-check-app-connections/ Internet entrepreneur Carl Pei, the co-founder of smartphone firm OnePlus, has been a victim of cryptocurrency scammers using his Twitter account to send fraudulent messages to his 330,000 followers.
Deep dive into Visual Studio Code extension security vulnerabilities
snyk.io/blog/visual-studio-code-extension-security-vulnerabilities-deep-dive/ Snyk has discovered a new vector for supply chain attacks: IDE plugins. Severe vulnerabilities were found in popular VS Code extensions, enabling attackers to compromise local machines as well as build and deployment systems through a developer’s IDE.