News – October 2021


  • US Navy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ Gaming

    October 7, 2021

    The official Facebook page of a destroyer-class Navy warship, the USS Kidd, has gone rogue: Someone has taken over the page in order to…stream Age of Empires play. Age of Empires is a real-time online multiplayer strategy game in which the objective is to advance one’s civilization. Players “build, settle, trade and fight” their way from ...

  • European Parliament passes non-binding resolution to ban facial recognition

    October 7, 2021

    The European Parliament has voted in favour to a resolution banning law enforcement from using facial recognition systems. In explaining the resolution, the European Parliament said the use of AI by law enforcement currently poses various risks spanning opaque decision-making, discrimination, privacy intrusion, challenges to the protection of personal data, human dignity, and the freedom of ...

  • Google warns 14,000 Gmail users targeted by Russian hackers

    October 7, 2021

    Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. The campaign was detected in late September and accounts for a larger than usual batch of Government-Backed Attack notifications that Google sends to targeted users every month. Shane Huntley, who ...

  • Twitch source code, business data, gamer payouts leaked in massive hack

    October 6, 2021

    An unknown hacker has leaked the entirety of Twitch’s source code among a 128 GB trove of data released this week. The hack, first reported by Video Games Chronicle and confirmed by multiple sources, includes: The entirety of twitch.tv, with commit history going back to its early beginnings Mobile, desktop and console Twitch clients Creator payout reports from 2019 Proprietary ...

  • Ransom Disclosure Act would give victims 48 hours to report payments

    October 5, 2021

    Victims of ransomware attacks in the United States may soon have to report any payments to hackers within 48 hours, according to a new legislation proposal titled the ‘Ransom Disclosure Act’. The bill was drafted by U.S. Senator Elizabeth Warren and Representative Deborah Ross, and its goal is to strengthen DHS’s (Department of Homeland Security) understanding ...

  • New UEFI bootkit used to backdoor Windows devices since 2012

    October 5, 2021

    A newly discovered and previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit has been used by attackers to backdoor Windows systems by hijacking the Windows Boot Manager since 2012. Bootkits are malicious code planted in the firmware (sometimes targeting UEFI) invisible to security software that runs within the operating system since the malware is designed to ...

  • The Telegraph exposes 10 TB database with subscriber info

    October 5, 2021

    ‘The Telegraph’, one of the UK’s largest newspapers and online media outlets, has leaked 10 TB of data after failing to properly secure one of its databases. The exposed information includes internal logs, full subscriber names, email addresses, device info, URL requests, IP addresses, authentication tokens, and unique reader identifiers. Bob Diachenko, the researcher who discovered the ...

  • Apache Web Server Zero-Day Exposes Sensitive Data

    October 5, 2021

    Apache Software has quickly issued a fix for a zero-day security bug in the Apache HTTP Server, which was first reported to the project last week. The vulnerability is under active exploitation in the wild, it said, and could allow attackers to access sensitive information. According to a security advisory issued on Monday, the issue (CVE-2021-41773) ...

  • Hong Kong firm becomes latest marketing company hit with REvil ransomware

    October 5, 2021

    Hong Kong marketing firm Fimmick has been hit with a ransomware attack, according to a British cybersecurity firm monitoring the situation. Fimmick has offices in Hong Kong and across China, serving several high-profile clients like McDonalds, Coca-Cola, Shell, Asus and others. Their website is currently down and there was no response to ZDNet requests for comment. Matt ...

  • Facebook Blames Outage on Faulty Router Configuration

    October 5, 2021

    As of Monday night, Facebook had crawled back from what may have been its longest blackout ever and apologized for the mass outage that left billions of users locked out of Facebook, Instagram, WhatsApp, Messenger and Oculus VR for about six hours. In a Monday night blog post, Santosh Janardhan Facebook’s vice president of infrastructure gave ...

  • IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft

    October 5, 2021

    Three vulnerabilities in the IP video-surveillance systems created by Axis Communications could allow arbitrary code execution, among other attacks. That’s according to Nozomi Networks Labs, whose researchers examined the company’s Axis Companion Recorder, a compact network video recorder (NVR) that stores IP surveillance video coming from attached cameras (it can support up to eight at one ...

  • BlackBerry ties malware campaign targeting victims in India to Chinese cyberespionage group

    October 5, 2021

    The BlackBerry Research & Intelligence team released a new report on Tuesday linking disparate malware campaigns to Chinese cyberespionage group APT41, noting that the group has been taking advantage of Cobalt Strike activity using a bespoke Malleable C2 Profile that uses COVID-19 phishing lures to target victims in India. The team was able to link phishing ...

  • UK plans to invest £5 billion in retaliatory cyber-attacks

    October 4, 2021

    The United Kingdom has revealed plans to invest £5 billion in bolstering national cybersecurity that includes creating a “Cyber Force” unit to perform retaliatory attacks. Cyber-warfare is being embraced as the “fifth domain” of international conflict and is being incorporated in the core functional aspects of nations, including the military. This includes having the same level ...

  • Ransomware Gang Arrested In Ukraine With Europol’s Support

    October 4, 2021

    On 28 September, a coordinated strike between the French National Gendarmerie (Gendarmerie Nationale), the Ukrainian National Police (Національна поліція України) and the United States Federal Bureau of Investigation (FBI), with the coordination of Europol and INTERPOL, has led to the arrest in Ukraine of two prolific ransomware operators known for their extortionate ransom demands (between ...

  • Transnational fraud ring stole millions from US Army members, veterans

    October 3, 2021

    Fredrick Brown, a former U.S. Army contractor, was sentenced today to 151 months in prison after admitting to his role in a conspiracy that targeted thousands of U.S. service members and veterans and caused millions of dollars in losses. Brown was one of five fraudsters charged with carrying out an identify-theft and fraud scheme that targeted ...