UK and US share more vulnerabilities exploited by Russia’s APT29 hackers
The UK government’s cybersecurity agency has published today an in-depth report detailing techniques used by a group of Russian state hackers known as APT29, Cozy Bear, or the Dukes.
FBI operation removed web shells from hacked Exchange servers across the US
The US Department of Justice announced today that a US judge granted the FBI the authority to log into web shells planted by hackers on Exchange email servers across the US and remove the malware as part of a mass-uninstall operation.
Pwn2Own 2021 hacking contest ends with a three-way tie
The 2021 spring edition of Pwn2Own, the cybersecurity industry’s biggest hacking competition, has come to a close today with a three-way tie between Team Devcore, OV, and the duo of security researchers Daan Keuper and Thijs Alkemade.
‘We’re responding in election cycles:’ Niloofar Razi Howe on the big changes needed to prevent the next SolarWinds attack
In a hearing held by the House Committee on Appropriations last week, Niloofar Razi Howe described 2021 as “one of the most consequential years in cybersecurity—and it’s only March.” Between the fallout from the SolarWinds supply chain attack, Microsoft Exchange vulnerabilities, and a surge in ransomware incidents, cybersecurity experts in both the private and public sectors have a lot to worry about. The Biden administration and lawmakers across party lines have made the incidents a top priority, with many calling on the U.S. to harden defenses and aggressively respond to nation state intrusions….