Microsoft Reveals That Russian Attackers Accessed …

Malicious SolarWinds Orion backdoor installed in Microsoft’s network led to the attackers viewing some of its source code. Microsoft today disclosed its discovery that the attackers behind the SolarWinds breach and rigged software update had commandeered one of its internal accounts to view — but not alter — some of its source code “in a […]

SolarWinds hackers accessed our source code

The threat actors behind the SolarWinds attack could breach internal Microsoft accounts to view the source code for Microsoft products. Earlier this month, Microsoft confirmed that they detected malicious executables in their environment that were downloaded during the SolarWinds Orion platform supply chain attack. SolarWinds supply chain cyberattack In a blog post published today, Microsoft stated that […]

Adobe Flash Player is officially dead tomorrow

Flash Player will reach its end of life (EOL) on January 1, 2021, after always being a security risk to those who have used it over the years. Over the years, multiple zero-day and critical vulnerabilities [1, 2, 3, 4] found to impact Flash Player were used by both cybercriminals and nation-state hacking groups to install […]

Ticketmaster fined $10 million for breaking into rival’s systems

Ticketmaster, a Live Nation subsidiary and a leading ticket distribution and sales company, was fined $10 million for illegally accessing the systems of competitor CrowdSurge using the credentials of one of its former employees. “Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” Acting U.S. Attorney […]

Adobe now shows alerts in Windows 10 to uninstall Flash Player

With the Flash Player officially reaching the end of life tomorrow, Adobe has started to display alerts on Windows computers recommending that users uninstall Flash Player. When Flash Player is installed, it creates a scheduled task named ‘Adobe Flash Player PPAPI Notifier’ that executes the following command: “C:WindowsSysWOW64MacromedFlashFlashUtil32_32_0_0_465_pepper.exe” -update pepperplugin When this command is executed, […]

DHS orders federal agencies to update SolarWinds Orion platform

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all US federal agencies to update the SolarWinds Orion platform to the latest version by the end of business hours on December 31, 2020. CISA’s Supplemental Guidance to Emergency Directive 21-01 demands this from all agencies using Orion versions unaffected in the SolarWinds supply chain attack. […]

T-Mobile data breach exposed phone numbers, call records

T-Mobile has announced a data breach exposing customers’ proprietary network information (CPNI), including phone numbers and call records. Starting yesterday, T-Mobile began texting customers that a “security incident” exposed their account’s information. According to T-Mobile, its security team recently discovered “malicious, unauthorized access” to their systems. After bringing in a cybersecurity firm to perform an […]

Emotet malware hits Lithuania’s National Public Health Center

The internal networks of Lithuania’s National Center for Public Health (NVSC) and several municipalities have been infected with Emotet malware following a large campaign targeting the country’s state institutions. “When infected recipients opened infected messages, the virus entered the internal networks of the institutions,” NVSC officials said in a statement published today. “Infected computers, after […]

Scroll to top