Singtel says it is investigating the impact of a cybersecurity breach that may have compromised customer data, after it ascertained on February 9 that "files were taken". The attack affected a file-sharing system developed two decades ago by third-party vendor Accellion, which the Singapore telco had used internally and with external stakeholders.
According to a message posted on its official site [archived], the company said it was breached on Monday, February 8. The hacker appears to have "compromised" the company's entire operation, including its official website, admin section, and customer database.
The flaw, discovered by researchers at the security firm SentinelOne, showed up in a driver that Windows Defender—renamed Microsoft Defender last year—uses to delete the invasive files and infrastructure that malware can create. When the driver removes a malicious file, it replaces it with a new, benign one as a sort of placeholder during remediation. But the researchers discovered that the system doesn't specifically verify that new file. As a result, an attacker could insert strategic system links that direct the driver to overwrite the wrong file or even run malicious code.
First disclosed on February 19, 2020, by a bug bounty hunter who goes by the name "Cr33pb0y" on HackerOne, the vulnerability is described as a "reflected XSS and CSP bypass" issue.
The most critical of the flaws is a Windows Win32k privilege escalation vulnerability (CVE-2021-1732, CVSS score 7.8) that allows attackers with access to a target system to run malicious code with elevated permissions. Microsoft credited JinQuan, MaDongZe, TuXiaoYi, and LiHao of DBAPPSecurity for discovering and reporting the vulnerability.
Vulnerabilities in the communications protocols used by millions of Internet of Things (IoT) and operational technology (OT) devices could allow cyber attackers to intercept and manipulate data.
New Delhi: A 2016 Facebook malware campaign, known to use a combination of a Windows trojan, browser injections, clever scripting and a bug in the social network's platform, has resurfaced in India, targeting millions of users, a new report warned on Monday.
The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions.
Users had the Barcode Scanner App installed on their devices for long periods. After an update during December, Barcode Scanner had gone from an innocent scanner to full-on malware!
Ransomware is getting worse. Cybersecurity analysts have been screaming this sentiment from the rooftops for years, but now new research examining the expanding landscape of software vulnerabilities leveraged in ransomware attacks offers up some hard numbers that put the depth of this problem into context.