Cyber Bites

The new Microsoft Edge browser is based on Chromium, the same engine that powers Google Chrome, so it’s capable of running any extension published in the Chrome Web Store. But at the same time, Microsoft also maintains its own add-on stores where the company says it’s only publishing recommended extensions that have been previously verified and validated for its browser. Only that just like it happens in the case of Google Chrome and Mozilla Firefox,...

Elexon, a crucial middleman in the UK power grid network, reported that it fell victim to a cyber-attack earlier today. In a short message posted on its website, the company said the incident only impacted its internal IT network and employee laptops. The company's email server was also impacted and had been taken down, cutting employees off from crucial communications. Systems that managed the UK's electricity transit were unaffected, according to Elexon. In a subsequent...

Details of Pakistani mobile subscribers have surfaced online after a hacker tried to sell the package for 300 bitcoins equivalent to $2.1 million. The data leak exposed personally identifiable information (PII) for 115 million subscribers. The exposure took place in two subsequent breaches that exposed the details of 44 million and 55 million subscribers, respectively. None of the affected mobile service providers has acknowledged any data breach on their servers. There is an ongoing investigation...

BEC gangs like “Exaggerated Lion” are using tricky tactics – like exploiting G Suite – to scam companies out of millions. Business email compromise (BEC) attacks continue to be a thorn in companies’ sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitalize on existing victims. For instance,...

Security researchers from Kaspersky have identified a new version of the COMpfun malware that controls infected hosts using a mechanism that relies on HTTP status codes. The malware has been first spotted last year, in November, and has been deployed in attacks against diplomatic entities across Europe. Responsible for the attacks is a group known as Turla, a state-sponsored Russian threat actor that has historically engaged in cyber-espionage operations.  Turla has a long history of...

The cross-site scripting vulnerability could have allowed trivial account takeover. Facebook has awarded a security researcher $20,000 for discovering a cross-site scripting (XSS) vulnerability in the Facebook Login SDK, which is used by developers to add a “Continue with Facebook” button to a page as an authentication method. Exploitation could allow threat actors to hijack accounts. Security researcher Vinoth Kumar identified a Document Object Model-based (DOM) XSS flaw in the window.postMessage() method of the platform’s...

Logins, personal information and tax info were all exfiltrated ahead of the ransomware attack, thanks to a phishing email. Magellan Health, the Fortune 500 insurance company, has reported a ransomware attack and a data breach. The company, which says it “empowers 1 in 10 Americans to lead healthier, more vibrant lives” according to its website, said the incident was discovered on April 11. It also said that it became apparent during a forensic investigation that...

Texas appellate courts and judicial agencies’ websites and computer servers were shut down after a ransomware attack. A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it will not pay the ransom requested by the cybercriminals. Specifically affected is the Office of Court Administration (OCA), which is the IT provider for the appellate...

Microsoft’s May edition of Patch Tuesday landed yesterday, replete with critical updates for SharePoint Server as well as client-side patches for the Internet Explorer (IE) and Edge web browsers. Although the update batch tackles a bumper 111 flaws – including 16 rated as ‘critical’ – none have been exploited in the wild to date, according to Microsoft. A series of patches for SharePoint collectively address 12 security vulnerabilities, including four critical flaws that pose a...

ATM manufacturer Diebold Nixdorf has suffered a ransomware attack on its corporate network, disrupting some operations. The malware attack, first reported by security blogger Brian Krebs, did not affect the company's ATMs or customer networks. Diebold Nixdorf discovered the issue - in which crooks appear to have installed the ProLock ransomware - on 25 April. The firm disconnected systems on the affected network to contain the malware and says that it did not pay a...