Washington State auditor
Thieves stole the personal unemployment-claim data of 1.6m people in America’s Washington State in a hack of the state auditor’s office. Seattle Times: https://www.seattletimes.com/seattle-news/politics/personal-data-of-1-6-million-washington-unemployment-claimants-exposed-in-hack-of-state-auditor/
SonicWall SMA 100
This US internet-security company announced that hackers are actively exploiting a zero-day vulnerability in its Secure Mobile Access 100 series devices. The Hacker News: https://thehackernews.com/2021/02/hackers-exploiting-critical-zero-day.html
NoxPlayer
Researchers discovered a supply-chain attack targeting online gamers by compromising the update mechanism of NoxPlayer, an Android emulator. The Hacker News: https://thehackernews.com/2021/02/a-new-software-supplychain-attack.html
Security patches
A security researcher revealed that software vendors are pushing inadequate or incomplete security patches. Six of the 24 zero-days exploited in 2020 were variants of previously disclosed vulnerabilities, and another three were incompletely patched. The Register: https://www.theregister.com/2021/02/03/enigma_patch_zero/
HPC clusters
New malware is targeting high-performance computing clusters at universities, government agencies and internet service providers. It enables attackers to execute arbitrary commands on the systems. The Hacker News: https://thehackernews.com/2021/02/a-new-linux-malware-targeting-high.html
Microsoft Defender ATP
Microsoft Defender Advanced Threat Detection labeled Google Chrome’s browser update as a backdoor trojan. System admins are waiting for Microsoft’s statement to confirm that this is a false positive and not an actual threat. ZDNet: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Stormshield
This French cybersecurity company announced that it had suffered a security breach. The hackers stole sensitive data and source code. Graham Cluley: https://grahamcluley.com/cybersecurity-firm-stormshield-hacked-data-including-source-code-stolen/
Chrome
Google patched a zero-day vulnerability in Chrome that hackers are exploiting in the wild. The vulnerability is a heap buffer overflow in the V8 JavaScript rendering engine. The Hacker News: https://thehackernews.com/2021/02/new-chrome-browser-0-day-under-active.html
SolarWinds
SolarWinds pushed out fixes for three severe vulnerabilities unrelated to the original SolarWinds backdoor. Ars Technica: https://arstechnica.com/information-technology/2021/02/solarwinds-patches-vulnerabilities-that-could-allow-full-system-control/
Ransomware
The UK’s National Cyber Security Centre revealed that an unnamed company had paid £6.5m ($8.9m) to restore its network and retrieve its files following a ransomware attack. The hackers then returned, infected its systems again, and extracted a second ransom. ZDNet: https://www.zdnet.com/google-amp/article/ransomware-this-is-the-first-thing-you-should-think-about-if-you-fall-victim-to-an-attack/
Serco
This British outsourcing company confirmed that a double extortion ransomware attack hit parts of its infrastructure in Europe. Computer Weekly: https://www.computerweekly.com/news/252495684/Serco-confirms-Babuk-ransomware-attack
Leon Medical Centers and Nocona General Hospital
Hackers published patient information from two US hospital chains after attempting to extort ransom for the data. NBC: https://www.nbcnews.com/tech/security/hackers-post-detailed-patient-medical-records-two-hospitals-dark-web-n1256887
British Mensa
The British branch of Mensa, a society for “high-IQ” people, reported that it had experienced a cyberattack. Computing: https://www.computing.co.uk/news/4026515/british-mensa-falls-victim-cyber-attack
Nissan North America
Nissan North America suffered a data leak in which source code for its mobile apps and several internal tools appeared on the internet due to a misconfigured Git server. Industry Week: https://www.industryweek.com/technology-and-iiot/article/21151660/data-leak-hits-nissan-north-america
EscortReviews.com
A data breach on EscortReviews.com exposed personal information belonging to 427,000 site members, including sex workers and their customers. Tom’s Guide: https://www.tomsguide.com/news/escort-reviews-data-breach
Foxtons Group
A data breach at Britain’s Foxtons forced the real-estate agency to shut down its customer portal. Though the company claimed no sensitive data was compromised, a recent investigation found more than 16,000 credit-card details and other information uploaded to the dark web. Teiss: https://www.teiss.co.uk/foxtons-group-data-breach/
Oxfam Australia
Oxfam Australia is investigating a data breach after a hacker claimed to be selling a database on a hacking forum. Bleeping Computer: https://www.bleepingcomputer.com/news/security/oxfam-australia-investigates-data-breach-after-database-sold-online/
The Woodland Trust
This British conservation charity disclosed that it is investigating a cyberattack from last December. Infosecurity Magazine: https://www.infosecurity-magazine.com/news/cyber-attack-on-woodland-trust/