a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld
Posted in Uncategorized

A Brief Weekly Review of Top Stories that Dominated the Cyberworld

Latest Blogs

a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld

By AMSAT April 16,2021

Dealing with cyber-threat: a complex challenge

The world of cybersecurity was catapulted when officials revealed that a Sweden’s national sports federations, including FIFA, were hacked by Russian military intelligence in 2017-18. And that was not it! The cyberworld received another shock when it discovered that FBI agents launched a court-authorized cyber campaign to remove malicious web shells from hundreds of formerly hacked Microsoft Exchange servers in the United States. More alarmingly, at least 100 million devices were affected by a spate of Domain Name System (DNS) flaws in TCP/IP stacks in the outgoing week.

 

Here’s a brief review of what took place in the past week.

Russians Hacked Swedish Sports Body

Officials divulged that Russian military intelligence in 2017-18 hacked the organization that supervised Sweden’s national sports federations, including FIFA and the World Anti-Doping Agency.

 

Swedish prosecutors said the “repeated and comprehensive breaches” of the Swedish Sports Confederation by GRU led to athletes’ personal details, such as medical records, being accessed and that information being published by Swedish media.

 

The hacking was revealed after a probe by the Swedish Security Service in cooperation with the security services of other countries. But the investigation has been stopped due to the lack of the necessary preconditions for taking legal proceedings abroad or extradition to Sweden.

FBI Agents Covertly Removed Web Shells from Hacked Microsoft Exchange Servers

The U.S. Department of Justice (DoJ) said that FBI agents carried out a court-authorized cyber drive to remove malicious web shells from hundreds of formerly hacked Microsoft Exchange servers in the United States.

 

In the wake of an upsurge in major in-the-wild zero-day attacks against Exchange Server installations that happened worldwide in January, farsighted organizations scrambled to lock down exposed Microsoft email servers and eliminate web shells that were installed by threat actors.

 

Unfortunately, several organizations were not able to fix systems and/or remove related malware that was installed.

NAME:WRECK” DNS Flaws in TCP/IP Stacks Affected At Least 100 Million Devices

Experts revealed that a string of Domain Name System (DNS) flaws affected popular TCP/IP stacks.

Jointly called NAME:WRECK and identified in the DNS implementations of FreeBSD, Nucleus NET, IPnet, and NetX, the vulnerabilities could also be exploited to carry out denial of service (DoS) attacks, to execute code remotely, or take devices offline.

 

The flaws were recognized as part of Project Memoria, a research initiative aimed at enhancing the overall security of IoT devices and which has already led to the discovery of more than 40 issues in popular TCP/IP stacks, critical components providing basic network connectivity for an extensive range of devices.

TAGS

  • Cyber Crime
  • Security Updates
  • Hacked Microsoft Exchange Servers

Recent Blogs

Share this article

Ready to Get Started?

Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

    By submitting the form, you agree to the Terms of Use and Privacy Policy

    a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld
    Posted in Uncategorized

    A Brief Weekly Review of Top Stories that Dominated the Cyberworld

    Latest Blogs

    a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld

    By AMSAT April 9,2021

    A Brief Weekly Review of Top Stories that Dominated the Cyberworld

    The outgoing week saw many events that made headlines. From social media giant Facebook removing over a dozen network fueling deception campaigns to a leading open-source security management company raising $75m, the world of cybersecurity was witness to a number of spectacular developments.

    Here’s a brief review of what took place in the past week.

    Google Fixed Critical Code Execution Flaw in Android

    Search engine titan Google patched more than 30 vulnerabilities in Android, including a remote code execution flaw in the System component.

     

    The code execution vulnerability, tracked as CVE-2021-0430 and impacting Android 10 and 11, was considered critical severity. The bug was patched as part of the 2021-04-01 security patch level.

    Five other flaws were addressed in the System component: three elevation of privilege and two information disclosure issues. All of these featured a severity rating of high.

    Facebook Eliminated 14 Networks Fueling False Campaigns

    Facebook announced that in March it eliminated a total of 14 networks of accounts from its online services, for spreading false content meant to manipulate public opinion.

     

    These networks, which emerged from 11 countries, included a total of 1,167 Facebook accounts and 290 Instagram accounts, as well as 255 pages and 34 groups on Facebook, the social platform announced.

    $75 Million Raised by Open-Source Security Management Firm WhiteSource

    WhiteSource, an open-source security management company, announced that it had raised $75 million in a Series D funding round.

     

    The Series C funding round was announced in October 2018, when the company secured $35 million. The latest round, which brings the total raised by the company to more than $120 million, was led by Pitango Growth, with participation from M12, Susquehanna Growth Equity, and 83North.

     

    WhiteSource, founded in 2011, has developed a product designed to help software development teams capably manage the open source components they use.

     

    WhiteSource has offices in the United States, United Kingdom and Israel, with over 800 customers worldwide, including nearly a quarter of Fortune 100 companies.

    TAGS

    • Cyber Crime
    • Security Updates
    • Cyber Security News

    Recent Blogs

    Share this article

    Ready to Get Started?

    Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

      By submitting the form, you agree to the Terms of Use and Privacy Policy