Displaying items by tag: Kevin Beaumont

British security researcher Kevin Beaumont has listed details about a backdoor that is claimed to infect Linux systems, with the consulting firm PwC having documented it as well. Both claim the threat emanates from China.

Authentication services provider Okta has allegedly been breached by the same group that got through the defences of Samsung and Microsoft, according to a claim made by the group on Monday, but the company has tied it to an event in January.

The Log4j vulnerability appears to have been overhyped by the infosec industry, with nothing like the scale of attacks expected materialising.

Software behemoth Microsoft appears to have finally reacted to the goading of British security expert Kevin Beaumont over the fact that the company plays host to malware on its OneDrive and Office365 platforms.

Information security expert Kevin Beaumont has continued highlighting the way in which Microsoft hosts ransomware on its own properties, pointing out that there are multiple threat actors using OneDrive in campaigns, with direct links to the platform.

A British tech researcher, who quit working as a security threat analyst with Microsoft a few months back, has called on his former employer to act speedily to remove links to ransomware on its Office365 platform.

A Microsoft announcement that the company would be disabling macros as a default feature in Excel 4.0 has been greeted as a step that "would really help defenders".

ANALYSIS A Facebook engineer issued a command to assess the availability of global backbone capacity and this, unintentionally, took down all the connections in the company's backbone, effectively cutting off all its data centres, the company says.

A software management agent silently installed by Microsoft's cloud platform Azure on Linux VMs has a number of remote code execution and local privilege escalation flaws, security firm Wiz.io has revealed.

Microsoft has revealed details of another zero-day attack on its Office software, releasing an advisory prior to issuing a patch for the flaw.

Attackers from the LockBit ransomware group have threatened to leak more data within a day that they claim they have stolen from global services provider Accenture, allegedly through an insider.

JBS Foods, the biggest meat-processing operation in the world, has been hit by a cyber-attack that has affected its American and Australian operations.

The BBC has questioned whether Microsoft's publication of a post claiming that firmware attacks are on the rise is a red herring to distract from the issues the company is having with Microsoft Exchange Server.

Australian media firm Nine Entertainment is continuing to stay mum as far as public statements on the network attack on its Sydney offices go. It is more or less certain now that Windows ransomware known as MedusaLocker was used in the attack.

Channel Nine, the main TV channel owned by Nine Entertainment, has managed to put its breakfast show Today to air on Monday, a day after the show's weekend edition could not be aired on Sunday due to what the company has called a "cyber attack".

Close on the heels of the DearCry Windows ransomware, that appeared earlier this month and attacked Microsoft Exchange Server flaws, another strain, known as Black Kingdom, has emerged to take advantage of the same vulnerabilities.

The company at the centre of the global intrusion detailed by security company FireEye on Monday AEDT — SolarWinds — has quietly taken down the page on its website which had a list of its elite customers.

It's surprising that global cyber security firm Sophos has hidden from public view the fact that it has suffered a security breach which is said to have taken place during the week.

An Internet outage in the US on Friday, which was blamed on Iran by a Twitter account known as AS-Source News that has now been deleted, was due to a configuration error on Friday made by Cloudflare staff, the company's chief executive Matthew Prince has acknowledged.

The outages experienced by many companies in the US on Tuesday (Australian time) were apparently due to T-Mobile making changes to its network configuration resulting in a series of cascading failures for its users which affected both voice and data networks, the chief executive and co-founder of web-infrastructure and website-security company, Cloudflare claims.