Recent Security News
-
Japan’s Space Program at Risk After Microsoft Active Directory Breach
December 1, 2023 at 02:22PM Japan’s space agency, JAXA, suffered a cyberattack this past summer through a Microsoft Active Directory breach, potentially exposing sensitive data. Nation-state hackers are suspected given past incidents involving Chinese military hackers. JAXA is investigating the breach’s scope and has partially shut down its network.
-
Hackers use new Agent Raccoon malware to backdoor US targets
December 1, 2023 at 02:15PM Agent Raccoon, a novel .NET malware used for espionage, targets organizations globally and is linked to nation-state actors by Unit 42. It masquerades as an updater, uses DNS for covert communication, and includes tools for credential theft and data exfiltration, with active development indicating evolving capabilities.
-
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere
December 1, 2023 at 01:24PM Congress members urged the DOJ to probe a foreign cyber-attack on a Pittsburgh-area water utility, leading CISA to caution other water facilities about potential vulnerabilities.
-
French government recommends against using foreign chat apps
December 1, 2023 at 01:18PM French PM Élisabeth Borne recommended government employees switch to the French app Olvid from foreign messaging apps like Signal and WhatsApp. Olvid offers end-to-end encryption without requiring personal data and has ANSSI security certification. The move isn’t a ban but aims to enhance data security within the government.
-
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks
December 1, 2023 at 01:04PM VMware fixed a critical authentication bypass vulnerability in Cloud Director appliances upgraded to version 10.5, which remote attackers could exploit without user interaction. The issue, identified as CVE-2023-34060, did not affect fresh installations, Linux deployments, or other appliances. VMware also provided a workaround script for immediate protection, ensuring no service…