Cyber Bites

At the LORCA Live online event, Rob Meyerson, founder and CEO at Delalune Space claimed that the commercial space industry needs support from the cybersecurity sector in order to build trust and resilience. Former employee of NASA and Blue Origin, Meyerson is now focused on investing in new businesses that aim to operate in the space sector. This more recently includes cybersecurity. As a society, we are already reliant on the space industry to run...

Already, DDoS attacks have set a new record and taken the extortion trend that started in August 2020 to the next level. Akamai, an internet security company has already reported the largest known DDoS (RDDoS) attack. The company has said the attack was more complex than previously seen incidents of DDoS attacks. In February of 2021, Akamai dealt with "three of the six biggest volumetric DDoS attacks" that have ever been recorded. The most recent...

Ubiquiti suffered a data breach, which they disclosed in January 2021. Recent information, however, claims that the data breach report was potentially a cover-up of a larger incident that put customer data and devices deployed on corporate and home networks at risk. Ubiquiti originally reported that an attacker had accessed some of its IT systems, which were hosted by a third party cloud provider and that there was no evidence of unauthorised activity. The company...

A North Korean Hacking group, know to previously have targeted security researchers has recently created a fake offensive security firm. The threat actors were first documented in January 2021, per Google's Threat Analysis Group (TAG). The TAG specialists have said that the North Korean hackers had developed a web of fake profiles on various social media platforms. Among these are Twitter, Keybase and LinkedIn. The group would reach out to its victims asking for a...

Microsoft is offering up a $30,000 reward to security researchers who can find vulnerabilities within the Microsoft Teams application. Over the last year, the remote working and collaboration platform has seen a massive increase in users as a result of the coronavirus pandemic. This new bug bounty programme potentially highlights the importance of the application's role in Microsoft's future plans, as most companies only offer this type of programme for their most important services. The...

The email accounts belonging to the Trump administration's head of homeland security (DHS) along with those of members of cybersecurity staff have been hacked by suspected Russian hackers. The hackers specifically targeted the members of cybersecurity staff whose job it is to hunt threats from foreign countries. The accounts were breached in the SolarWinds intrusion, which caused dispute around how the US government can protect individuals, companies and institutions, if it is unable to protect...

The production systems at Nine Network, an Australian TV network went offline for 24 hours, as a result of a suspected state-backed attack. Following the system shut down early on Sunday morning, all the staff were ordered to work from home indefinitely while the teams deal with the repercussions. Vanessa Morley, Nine Entertainment's people and culture director sent out an email stating: “Our IT teams are working around the clock to fully restore our systems, which...

Positive Technologies employees Mark Ermolov and Dmitry Sklyarov, together with independent researcher Maxim Goryachi discovered two undocumented instructions in Intel processors. These can be used to change the microcode, allowing for attackers to take control of the processor and the entire system. According to the data that has been published, the vulnerabilities were left undocumented by the manufacturer. Receiving access to the two vulnerabilities opens up a special mode, which is normally only available to...

An analysis published on Friday reveals that at least three major companies have been recent victims of the Hades ransomware. The analysis was published by Accenture's Cyber Investigation & Forensic Response (CIFR) and Cyber Threat Intelligence (ACTI) teams. Accenture claims that the threat actors are targeting organisations that generate at least $1 billion in annual revenue. Reportedly Forward Air was one of the victims. The attackers have been taking a hands-on approach, using a mix...

Microsoft has recently started a brand new bug bounty program for their Teams desktop application. The bug bounty program is offering up to $30,000 as a reward for finding security vulnerabilities, with the highest payouts going to whoever has the ability to expose the most Teams user data. The program manager, Lynn Miyashita, said, “The Teams desktop client is the first in-scope application under the new Apps Bounty Program, we look forward to sharing updates...