- The U.S. Coast Guard announced the establishment of its first-ever red team under the Cyber Operational Assessments Branch to bolster the Coast Guard’s cyber defenses.
- The DHS will be issuing a security directive to pipeline companies that will assist their teams in reporting cybercriminal activities within their network to mitigate threats.
- The FBI is planning on sharing compromised passwords with Have I Been Pwned’s ‘Password Pwned’ service. This would enable users and admins to check for passwords that have been used with malicious intent.
- The French National Directorate of Intelligence and Customs Investigations seized their third dark web marketplace, known as Le Monde Parallèle (The Parallel World).
- The post-quantum cryptography standard, a years-long project by the federal government, is to be finalized later this year. It is believed that quantum computing will be able to tear through existing public key encryption algorithms.
- Fujitsu was forced to temporarily shut down its ProjectWEB SaaS platform after cyberattacks on multiple Japanese government entities, including the Ministry of Land, Infrastructure, Transport and Tourism; the Ministry of Foreign Affairs; the Cabinet Secretariat; and the Narita Airport.
- Microsoft discovered the Russia-based APT29 threat actor targeting around 150 government agencies, consultants, think tanks, and NGOs in at least 24 nations. This group was responsible for the SolarWinds attack.
- A cyberespionage campaign hit the Belgian Interior ministry in 2019 and was uncovered this March. Federal authorities had launched an investigation to identify the origin of the operation, which data had been hacked, and whether a foreign state was involved.
- Private patient info was released to media outlets by hackers who targeted hospitals in New Zealand’s Waikato district. The attack took place last week and the hackers gained unauthorized access to documents containing names, phone numbers, and addresses of patients and staff.
- Around 200,000 patients and employees of Rehoboth McKinley Christian Health Care Services (RMCHCS) were affected by a data breach.
- Bose Corporation suffered a data breach that occurred due to a ransomware attack in March. The personal information—social security numbers, compensation information, and other HR-related information—of some of its current and former employees was accessed by the attackers.
- A database belonging to Bergen Logistics remains exposed for public access without any security authentication. It includes 467,979 records, containing names, addresses, order numbers, and email addresses, all relevant to shipments and customers.
- Indonesia’s government admitted to the leak of the personal data of millions of citizens on the RaidForums dark web market. The data was stolen from a national health insurance scheme Badan Penyelenggara Jaminan Sosial (BPJS).
- The BazarLoader backdoor has returned in a new campaign that masquerades as a fake movie-streaming service BravoMovies.
- Apple M1 chips are affected by a newly found bug dubbed M1RACLES. Tracked as CVE-2021-30747, the bug allows two apps running on the same device to exchange data with one another via a secret channel at the CPU level.
- Steam is being targeted by a new type of phishing attack. The important aspect of the scam is that the URL includes a secured padlock, which convinces users that the website is safe.
- New details have emerged about the TeamTNT hacking group that has targeted close to 50,000 IPs in a lesser-known worm-like attack between March and May. Most of the compromised Kubernetes nodes are from China and the U.S.
- A new cyberespionage campaign is making the rounds in which the SolarMarker backdoor pretends to be a legitimate PDFescape Installer to bypass security solutions.
- Evil Annotation and Sneaky Signature are two recently discovered exploits that can be weaponized against certified PDFs to alter arbitrary content. Twenty-four popular PDF tools are vulnerable to one or both of the flaws.
- Google security experts demonstrated another variant of the Rowhammer attack dubbed Half-Double that capitalizes on newer DRAM chips to alter the contents of memory.
- The Iranian hacking group Agrius has come up with a new destructive wiper malware, Apostle, that combines wiper and ransomware functionality. This new malware primarily focuses on cyberespionage and destruction.
- A new, sophisticated malvertising campaign has been spotted that propagates the weaponized AnyDesk installer.
- Check Point Research and Kaspersky uncovered a campaign, probably by Chinese threat actors, targeting Uyghurs via phishing documents branded with the United Nations Human Rights Council (UNHRC) logo.
Posted on: May 28, 2021