Sicurezza

The FBI Takes a Drastic Step to Fight China’s Hacking Spree

Pubblicato il

“If the Microsoft Exchange servers they interacted with were fully patched and they actually deleted any and all web shells on the backdoor servers, it should be quite effective,” says Steven Adair, founder of security firm Volexity, which first identified the Hafnium attack. “Assuming these Microsoft Exchange servers were just backdoor with web shells, they […]

Sicurezza

Facebook Moves Against ‘Evil Eye’ Hackers Targeting Uyghurs

Pubblicato il

Given that Facebook is banned in China, the company may seem like an unlikely source of information about Chinese hacking campaigns against the country’s Uyghur ethnic minority. On Wednesday, though, the company announced that it had identified recent espionage campaigns targeted at the Uyghur community, primarily people living abroad in countries like Australia, Canada, Kazakhstan, […]

Sicurezza

‘Browser Isolation’ Takes On Entrenched Web Threats

Pubblicato il

Few desktop and mobile applications are as heavily used as web browsers, yet browsers also introduce a slew of potential security exposures, no matter how carefully they’re locked down. Large organizations have relied on so-called “browser isolation” services to deal with this risk for years, but these tools are often slow and clunky. As a […]

Sicurezza

The Peculiar Ransomware Piggybacking Off of China’s Big Hack

Pubblicato il

When Microsoft revealed earlier this month that Chinese spies had gone on a historic hacking spree, observers reasonably feared that other criminals would soon ride that group’s coattails. In fact, it didn’t take long: A new strain of ransomware called DearCry attacked Exchange servers using the same vulnerabilities as early as March 9. While DearCry […]

Sicurezza

Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims

Pubblicato il

When news hit earlier this week that Chinese hackers were actively targeting Microsoft Exchange servers, the cybersecurity community warned that the zero-day vulnerabilities they were exploiting might have allowed them to hit countless organizations around the world. Now it’s becoming clear just many email servers they hacked. By all appearances, the group known as Hafnium […]

Sicurezza

China and Russia’s Spying Sprees Will Take Years to Unpack

Pubblicato il

First it was SolarWinds, a reportedly Russian hacking campaign that stretches back almost a year and has felled at least nine US government agencies and countless private companies. Now it’s Hafnium, a Chinese group that’s been attacking a vulnerability in Microsoft Exchange Server to sneak into victims’ email inboxes and beyond. The collective toll of […]

Sicurezza

China’s and Russia’s Spying Sprees Will Take Years to Unpack

Pubblicato il

First it was SolarWinds, a reportedly Russian hacking campaign that stretches back almost a year and has felled at least nine US government agencies and countless private companies. Now it’s Hafnium, a Chinese group that’s been attacking a vulnerability in Microsoft Exchange Server to sneak into victims’ email inboxes and beyond. The collective toll of […]

Sicurezza

Gab’s CTO Introduced a Critical Vulnerability to the Site

Pubblicato il

Over the weekend, word emerged that a hacker breached far-right social media website Gab and downloaded 70 gigabytes of data by exploiting a garden-variety security flaw known as an SQL injection. A quick review of Gab’s open source code shows that the critical vulnerability—or at least one very much like it—was introduced by the company’s […]

Sicurezza

Far-Right Platform Gab Has Been Hacked—Including Private Data

Pubblicato il

WIRED reached out to Gab for comment Friday, offering to share what we’d learned about the nature of the site’s data breach. The company’s CEO, Andrew Torba, responded in a public statement on the company’s blog that “reporters, who write for a publication that has written many hit pieces on Gab in the past, are […]

Sicurezza

Hackers Tied to Russia’s GRU Targeted the US Grid for Years

Pubblicato il

Together, in other words, the groups Dragos call Kamacite and Electrum make up what other researchers and government agencies collectively call Sandworm. “One group gets in, the other group knows what to do when they get in,” says Caltagirone. “And when they operate separately, which we also watch them do, we clearly see that neither […]