Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2889570 times)

Asyn · « **Reply #6285 on:** December 18, 2020, 11:30:22 AM »

Quote from: Asyn on December 18, 2020, 10:46:55 AM

FBI, CISA officially confirm US govt hacks after SolarWinds breach
https://www.bleepingcomputer.com/news/security/fbi-cisa-officially-confirm-us-govt-hacks-after-solarwinds-breach/

SolarWinds hackers breach US nuclear weapons agency
https://www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/

Microsoft confirms breach in SolarWinds hack, denies infecting others
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-breach-in-solarwinds-hack-denies-infecting-others/

Alert (AA20-352A) - Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
https://us-cert.cisa.gov/sites/default/files/publications/AA20-352A-APT_Compromise_of_Government_Agencies%2C_Critical%20Infrastructure%2C_and_Private_Sector_Organizations.pdf

bob3160 · « **Reply #6286 on:** December 18, 2020, 06:58:02 PM »

Weekly Security News Roundup w/e 12-18-2020

https://youtu.be/BgD8oTAOtWU
This was a very busy (bad) week.

schmidthouse · « **Reply #6287 on:** December 18, 2020, 10:23:47 PM »

Quote from: Asyn on December 18, 2020, 11:30:22 AM

Quote from: Asyn on December 18, 2020, 10:46:55 AM
FBI, CISA officially confirm US govt hacks after SolarWinds breach
https://www.bleepingcomputer.com/news/security/fbi-cisa-officially-confirm-us-govt-hacks-after-solarwinds-breach/

SolarWinds hackers breach US nuclear weapons agency
https://www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/

Microsoft confirms breach in SolarWinds hack, denies infecting others
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-breach-in-solarwinds-hack-denies-infecting-others/
Alert (AA20-352A) - Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
https://us-cert.cisa.gov/sites/default/files/publications/AA20-352A-APT_Compromise_of_Government_Agencies%2C_Critical%20Infrastructure%2C_and_Private_Sector_Organizations.pdf

Quite possibly tip of the 'Iceberg'

Asyn · « **Reply #6288 on:** December 19, 2020, 10:09:05 AM »

Quote from: schmidthouse on December 18, 2020, 10:23:47 PM

Quote from: Asyn on December 18, 2020, 11:30:22 AM
Quote from: Asyn on December 18, 2020, 10:46:55 AM
FBI, CISA officially confirm US govt hacks after SolarWinds breach
https://www.bleepingcomputer.com/news/security/fbi-cisa-officially-confirm-us-govt-hacks-after-solarwinds-breach/

SolarWinds hackers breach US nuclear weapons agency
https://www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/

Microsoft confirms breach in SolarWinds hack, denies infecting others
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-breach-in-solarwinds-hack-denies-infecting-others/
Alert (AA20-352A) - Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
https://us-cert.cisa.gov/sites/default/files/publications/AA20-352A-APT_Compromise_of_Government_Agencies%2C_Critical%20Infrastructure%2C_and_Private_Sector_Organizations.pdf
Quite possibly tip of the 'Iceberg'

Microsoft identifies 40+ victims of SolarWinds hack, 80% from US
https://www.bleepingcomputer.com/news/security/microsoft-identifies-40-plus-victims-of-solarwinds-hack-80-percent-from-us/

Asyn · « **Reply #6289 on:** December 20, 2020, 08:05:51 AM »

Quote from: Asyn on December 19, 2020, 10:09:05 AM

Quote from: schmidthouse on December 18, 2020, 10:23:47 PM
Quote from: Asyn on December 18, 2020, 11:30:22 AM
Quote from: Asyn on December 18, 2020, 10:46:55 AM
FBI, CISA officially confirm US govt hacks after SolarWinds breach
https://www.bleepingcomputer.com/news/security/fbi-cisa-officially-confirm-us-govt-hacks-after-solarwinds-breach/

SolarWinds hackers breach US nuclear weapons agency
https://www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/

Microsoft confirms breach in SolarWinds hack, denies infecting others
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-breach-in-solarwinds-hack-denies-infecting-others/
Alert (AA20-352A) - Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
https://us-cert.cisa.gov/sites/default/files/publications/AA20-352A-APT_Compromise_of_Government_Agencies%2C_Critical%20Infrastructure%2C_and_Private_Sector_Organizations.pdf
Quite possibly tip of the 'Iceberg'
Microsoft identifies 40+ victims of SolarWinds hack, 80% from US
https://www.bleepingcomputer.com/news/security/microsoft-identifies-40-plus-victims-of-solarwinds-hack-80-percent-from-us/

The SolarWinds cyberattack: The hack, the victims, and what we know
https://www.bleepingcomputer.com/news/security/the-solarwinds-cyberattack-the-hack-the-victims-and-what-we-know/

polonus · « **Reply #6290 on:** December 22, 2020, 01:28:13 AM »

Solar winds hack related IP list: https://raw.githubusercontent.com/ExtraHop/code-examples/main/sunburst/threats.json

polonus

Asyn · « **Reply #6291 on:** December 23, 2020, 08:07:25 AM »

Quote from: Asyn on December 20, 2020, 08:05:51 AM

Quote from: Asyn on December 19, 2020, 10:09:05 AM
Quote from: schmidthouse on December 18, 2020, 10:23:47 PM
Quote from: Asyn on December 18, 2020, 11:30:22 AM
Quote from: Asyn on December 18, 2020, 10:46:55 AM
FBI, CISA officially confirm US govt hacks after SolarWinds breach
https://www.bleepingcomputer.com/news/security/fbi-cisa-officially-confirm-us-govt-hacks-after-solarwinds-breach/

SolarWinds hackers breach US nuclear weapons agency
https://www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/

Microsoft confirms breach in SolarWinds hack, denies infecting others
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-breach-in-solarwinds-hack-denies-infecting-others/
Alert (AA20-352A) - Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
https://us-cert.cisa.gov/sites/default/files/publications/AA20-352A-APT_Compromise_of_Government_Agencies%2C_Critical%20Infrastructure%2C_and_Private_Sector_Organizations.pdf
Quite possibly tip of the 'Iceberg'
Microsoft identifies 40+ victims of SolarWinds hack, 80% from US
https://www.bleepingcomputer.com/news/security/microsoft-identifies-40-plus-victims-of-solarwinds-hack-80-percent-from-us/
The SolarWinds cyberattack: The hack, the victims, and what we know
https://www.bleepingcomputer.com/news/security/the-solarwinds-cyberattack-the-hack-the-victims-and-what-we-know/

SolarWinds victims revealed after cracking the Sunburst malware DGA
https://www.bleepingcomputer.com/news/security/solarwinds-victims-revealed-after-cracking-the-sunburst-malware-dga/

polonus · « **Reply #6292 on:** December 23, 2020, 03:18:32 PM »

Glomar response from FBI on accusations of secretly breaking into encryption.

Re: https://www.aclu.org/news/privacy-technology/the-fbi-is-secretly-breaking-into-encrypted-devices-were-suing/

What is a "glomar" response? Read: https://en.wikipedia.org/wiki/Glomar_response
In most cases a glomar responses often could be taken as being confirmative.

Others are also into this, like Europol with their decryption-platform.

polonus

bob3160 · « **Reply #6293 on:** December 28, 2020, 12:11:04 AM »

Weekly Security News Roundup w/e 12-25-2020

https://youtu.be/DjveRsce7uo

Asyn · « **Reply #6294 on:** December 31, 2020, 09:32:08 AM »

T-Mobile data breach exposed phone numbers, call records
https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposed-phone-numbers-call-records/
https://www.t-mobile.com/responsibility/consumer-info/security-incident

Asyn · « **Reply #6295 on:** January 01, 2021, 08:19:35 AM »

Data breach broker selling user records stolen from 26 companies
https://www.bleepingcomputer.com/news/security/data-breach-broker-selling-user-records-stolen-from-26-companies/

bob3160 · « **Reply #6296 on:** January 02, 2021, 08:27:12 PM »

Security News Roundup w/e 1-1-2021

https://youtu.be/_Q8a5DAFh34

Asyn · « **Reply #6297 on:** January 04, 2021, 07:17:37 AM »

Beware: PayPal phishing texts state your account is 'limited'
https://www.bleepingcomputer.com/news/security/beware-paypal-phishing-texts-state-your-account-is-limited/

Asyn · « **Reply #6298 on:** January 06, 2021, 09:58:48 AM »

Hacker posts data of 10,000 American Express accounts for free
https://www.bleepingcomputer.com/news/security/hacker-posts-data-of-10-000-american-express-accounts-for-free/

Asyn · « **Reply #6299 on:** January 08, 2021, 08:36:45 AM »

WhatsApp: Share your data with Facebook or delete your account
https://www.bleepingcomputer.com/news/security/whatsapp-share-your-data-with-facebook-or-delete-your-account/

Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2889570 times)

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

bob3160

Re: SECURITY WARNINGS & Notices - Please post them here

schmidthouse

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

polonus

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

polonus

Re: SECURITY WARNINGS & Notices - Please post them here

bob3160

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

bob3160

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here