Articles By This Author

Cybercrime Featured

Police shut down Android app that turned smartphones into proxies

Spanish police have seized servers and arrested the operators of an Android app designed to broadcast pirate video streams, but which also secretly sold users’ personal data and ensnared smartphones into proxy and DDoS botnets. Named Mobdro, the app was downloaded more than 100 million times, according to Spanish National Police.

Cybercrime Featured Nation-state

A hacking group is hijacking Microsoft Exchange web shells

A hacking group is piggybacking on the work of other threat actors and is hijacking web shells planted on unpatched Microsoft Exchange servers, including backdoors installed by Chinese cyberspies. The “hijacking activity” is related to the recently disclosed ProxyLogon vulnerabilities.

Cybercrime Featured Technology

Microsoft Exchange servers targeted by DearCry ransomware abusing ProxyLogon bugs

A threat actor is currently exploiting the ProxyLogon vulnerabilities to install ransomware on unpatched Microsoft Exchange email servers and encrypt their content, Microsoft confirmed today. Only six victims have been identified so far, according to Michael Gillespie, ID-Ransomware creator and an Emsisoft security researcher.

Cybercrime Featured Technology

Netflix is testing a way to secure accounts from hidden hackers

Netflix is currently testing a security feature that will block users who don’t live in the same home as the account owner from accessing a shared account, a spokesperson told The Record today. According to screenshots shared online today, some users who were sharing accounts with family but not living in the same home were prompted to register their own accounts.

Cybercrime Featured

Molson Coors beer production disrupted after cyberattack

The Molson Coors Beverage Company, the multinational conglomerate behind major beer and beverage brands like Coors, Miller, Molson, Bergenbier, and Redd’s, said today that production at some of its facilities has stopped following a cybersecurity incident. Sources who reached out to The Record earlier today said the company suffered a ransomware attack on Tuesday, following which affected IT systems were taken down.

Featured Nation-state Technology

Chinese universities connected to known APTs are conducting AI/ML cybersecurity research

At least six major Chinese universities with previous connections to government-backed hacking groups have been conducting research on the intersection of cybersecurity and machine learning. These universities have past connections to Chinese hacking groups, which have often recruited operators from the staff or student base, a relationship the CSET team sees as an informal partnership.

Featured Technology

Browser users can be tracked even when JavaScript is disabled

According to an academic paper published this week, threat actors can launch attacks that leak small bits of information from browsers even when JavaScript is completely disabled, allowing for secret tracking even when users might believe they are safe.

Featured Technology

PoC released for Microsoft Exchange ProxyLogon vulnerabilities

A Vietnamese security researcher today published the first functional public proof-of-concept exploit for a group of vulnerabilities in Microsoft Exchange servers known as ProxyLogon, which have been under heavy exploitation for the past week.

Featured Technology

Google, Linux Foundation, Red Hat release free tool to secure software supply chains

A coalition of Google, the Linux Foundation, Purdue University, and Red Hat launched a new project this week aimed at helping companies secure their software. Named Sigstore, this new tool will provide the infrastructure for developers to cryptographically sign software releases, container images, or binaries and then save signing proof in public and auditable logs.

Cybercrime Featured Government

Spanish government falls victim to Ryuk ransomware attack

The Spanish government fell victim to a ransomware attack on Tuesday that impacted the IT systems of the Servicio Público de Empleo Estatal (SEPE), the agency that manages and pays out government unemployment benefits. The incident affected the agency’s backend systems and public website.