Displaying items by tag: Kevin Beaumont

A software management agent silently installed by Microsoft's cloud platform Azure on Linux VMs has a number of remote code execution and local privilege escalation flaws, security firm Wiz.io has revealed.

Microsoft has revealed details of another zero-day attack on its Office software, releasing an advisory prior to issuing a patch for the flaw.

Attackers from the LockBit ransomware group have threatened to leak more data within a day that they claim they have stolen from global services provider Accenture, allegedly through an insider.

JBS Foods, the biggest meat-processing operation in the world, has been hit by a cyber-attack that has affected its American and Australian operations.

The BBC has questioned whether Microsoft's publication of a post claiming that firmware attacks are on the rise is a red herring to distract from the issues the company is having with Microsoft Exchange Server.

Australian media firm Nine Entertainment is continuing to stay mum as far as public statements on the network attack on its Sydney offices go. It is more or less certain now that Windows ransomware known as MedusaLocker was used in the attack.

Channel Nine, the main TV channel owned by Nine Entertainment, has managed to put its breakfast show Today to air on Monday, a day after the show's weekend edition could not be aired on Sunday due to what the company has called a "cyber attack".

Close on the heels of the DearCry Windows ransomware, that appeared earlier this month and attacked Microsoft Exchange Server flaws, another strain, known as Black Kingdom, has emerged to take advantage of the same vulnerabilities.

The company at the centre of the global intrusion detailed by security company FireEye on Monday AEDT — SolarWinds — has quietly taken down the page on its website which had a list of its elite customers.

It's surprising that global cyber security firm Sophos has hidden from public view the fact that it has suffered a security breach which is said to have taken place during the week.

An Internet outage in the US on Friday, which was blamed on Iran by a Twitter account known as AS-Source News that has now been deleted, was due to a configuration error on Friday made by Cloudflare staff, the company's chief executive Matthew Prince has acknowledged.

The outages experienced by many companies in the US on Tuesday (Australian time) were apparently due to T-Mobile making changes to its network configuration resulting in a series of cascading failures for its users which affected both voice and data networks, the chief executive and co-founder of web-infrastructure and website-security company, Cloudflare claims.

The British fintech firm Finastra appears to have been hit by a Windows ransomware attack, with the company saying it had noticed "potential anomalous activity" on its systems on 20 March.

British security expert Kevin Beaumont has thrown in his lot with the company often described as the Typhoid Mary of the Internet — Microsoft — but says he will not be a big cog in the wheel there, just a security threat analyst.

Microsoft has released a patch for a vulnerability in crypt32.dll, a library used for authentication, a flaw it rates important, the second rank on its severity rating list, but which the NSA has seen fit to issue an advisory about, something the agency never does.

Global foreign exchange dealer Travelex has been hit by Windows malware and has taken its website down.

Global security firm Prosegur has been hit by a Windows ransomware attack and has shut down at least a part of its network, the company announced on Wednesday.

The infamous ransomware WannaCry, which burst on to the world stage in May 2017, is still very much alive and infecting Windows PCs, but a zipped portion appears to have gotten corrupted, preventing its encryption and ransom note creation components from working.

Ten months ago, the American news agency Bloomberg published a sensational story claiming that Chinese spies had corrupted the tech supply chain and installed small chips on motherboards which were supplied to the American company Supermicro Computer. Despite being met by a storm of denial, the likes of which is rarely seen, Bloomberg has neither retracted nor corrected the yarn till today.

US security firm Immunity has started selling an exploit to take advantage of a flaw in Microsoft's proprietary remote desktop protocol. The vulnerability was revealed in May.