Swift, Strong Denials Dog Second Bloomberg Story on China's Exploitation of Supermicro
Feds offer details and mitigations related to Oldsmar water supply attack, Proofpoint sues Facebook over the right to use phishing URLs for training, Microsoft fixes Defender flaw, and much more
Stay tuned for more custom content available only to our premium subscribers. Better yet, sign up for a subscription now so that you don’t miss a thing.
Resurrecting a story it first ran in 2018, Bloomberg has released another supposed bombshell story involving how China has purportedly exploited products developed by U.S. company hardware maker Supermicro Computer.
In a lengthy piece that cites numerous unnamed officials and provides many background descriptions, the authors seem to have moved away from their previous claim that China had managed to infiltrate the supply chain of Supermicro to implant surveillance chips in the motherboards the company used. In a series of rapid and highly credible denials, Supermicro refuted the earlier story’s claims, as did SuperMicro customers Apple and Amazon. Supermicro also strongly refutes this second article’s assertions. The U.S. government, as well as the NSA, likewise deny the claims raised in both stories. (Jordan Robertson, Micheal Riley / Bloomberg)
The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency (EPA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) issued a report on the breach of the water system in Oldsmar, Florida, offering technical details of the attack and spelling out some mitigations that can be used in the wake of such an attack.
The recommendations center on using updated versions of operating systems, implementing two-factor authentication, and other relevant cybersecurity hygiene measures. The report further outlines how organizations can best safely use TeamViewer to minimize security risks. (CISA)
Security giant Proofpoint has sued Facebook regarding the social media giant’s effort to confiscate domain names the security firm was using for phishing awareness training.
The suit stems from a lawsuit filed by Facebook in November 2020 after Facebook used a UDRP (Uniform Domain-Name Dispute-Resolution) request to force domain name registrar Namecheap to hand over several domain names that were mimicking Facebook and Instagram brands. Proofpoint argues that UDRP requests should only be used for domains registered in bad faith and that its phishing tests are critical to customers’ security. (Catalin Cimpanu / ZDNet)
Safari Technology Preview aims to gather feedback from developers and users on its browser development process. (Juli Clover / MacRumors)
After Spanish Ph.D. student Javier Juste released a free decryption utility that can help victims of the Avaddon ransomware recover their files for free, the ransomware gang fixed a bug that allowed the decryptor to work.
The Avaddon gang said in its forum it learned of Yuste's decrypter and has already deployed updates to its code, effectively negating the tool's capability. (Catalin Cimpanu / ZDNet)
Researchers at Sentinel One report that Microsoft fixed a privilege escalation vulnerability they discovered in Microsoft Defender Antivirus (formerly Windows Defender) that could allow attackers to gain admin rights on unpatched Windows systems.
The flaw is an elevation of privilege vulnerability tracked as CVE-2021-24092 impacting Defender versions going back as far as 2009, affecting client and server releases starting with Windows 7 and up. (Sergiu Gatlan / Bleeping Computer)
Researchers at Lookout Security say that two new Android families called HornBill and SunBird are targeting military, nuclear, and election entities in Pakistan and Kashmir as part of a pro-India, state-sponsored hacking campaign run by a group called Confucius.
Lookout’s report said that among the targets were “an individual who applied for a position at the Pakistan Atomic Energy Commission, individuals with numerous contacts in the Pakistan Air Force (PAF), as well as officers responsible for electoral rolls (Booth Level Officers) located in the Pulwama district of Kashmir.” (Ravie Lakshmanan / The Hacker News)
A week after the Burmese army overthrew Aung San Suu Kyi's elected government, a 36-page proposal of a new cybersecurity law was floated to mobile operators and telecoms license holders that a group of the world’s largest Internet companies say violate human rights and hurts the country’s economy.
The Asia Internet Coalition, whose members include Apple, Facebook, Google and Amazon say the new law would “undermine freedom of expression and represents a regressive step after years of progress. (Reuters)
The QIMR Berghofer Medical Research Institute in Australi joining Singapore telco Singtel and several other organizations that have been victims of a data breach caused by the secure transfer protocol company Accellion’s FTA secure file transfer software.
Other victims include the Reserve Bank of New Zealand, the Australian Securities and Investments Commission (ASIC), and the Washington State Auditor (SAO). (Lawrence Abrams / Bleeping Computer)
Photo by smial (talk) - Own work, FAL, https://commons.wikimedia.org/w/index.php?curid=17288839