Federal Reserve nationwide outage impacts US banking system

Posted by & filed under Security News.

The US Federal Reserve suffered a massive IT systems outage today that prevented wire transfers, ACH transactions, and other services from operating. When performing a US wire transfer or ACH withdrawal/deposit, the transaction first goes through the Federal Reserve Bank systems who facilitate the transaction. Today, the Federal Reserve banking systems suffered an outage caused… Read more »

Cisco fixes maximum severity MSO auth bypass vulnerability

Posted by & filed under Ειδοποιήσεις.

Cisco has addressed a maximum severity authentication bypass vulnerability found in the API endpoint of the Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine. Cisco ACI MSO is an intersite network and policy orchestration solution that helps admins monitor the health of their organizations’ interconnected sites across multiple data centers.

Chinese hackers used NSA exploit years before Shadow Brokers leak

Posted by & filed under Ειδοποιήσεις.

Chinese state hackers cloned and started using an NSA zero-day exploit almost three years before the Shadow Brokers hacker group publicly leaked it in April 2017. EpMe is the original exploit created by Equation Group around 2013 for a Windows zero-day bug tracked as CVE-2017-2005. The vulnerability was used for escalating Windows user privileges after gaining… Read more »

France links Russian Sandworm hackers to hosting provider attacks

Posted by & filed under Ειδοποιήσεις.

The French national cyber-security agency has linked a series of attacks that resulted in the breach of multiple French IT providers over a span of four years to the Russian-backed Sandworm hacking group. ANSSI (short for Agence Nationale de la Sécurité des Systèmes d’Information) has not been able to determine how the servers were compromised…. Read more »

Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies

Posted by & filed under Ειδοποιήσεις.

UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research. Attributing the operation to be the work of Static Kitten (aka MERCURY or MuddyWater), Anomali said the “objective of this activity is to install a remote management tool called ScreenConnect (acquired by ConnectWise 2015) with unique launch parameters… Read more »