‘Sandworm Team’ hackers from Russia are exploiting Exim, warns NSA

The U.S. National Security Agency on Thursday issued an advisory alleging that hackers from Russia’s Main Intelligence Directorate (GRU) have been actively exploiting a remote code execution vulnerability in Exim Mail Transfer Agent (MTA) software, found in Unix-based systems. Researchers and analysts reacting to the agency’s warning say the announcement

The inevitable coronavirus-inspired cyber-attacks are stepping up. Are you ready?

They’re not very sophisticated, but they’re working: Watch and learn how to fight back Webcast  You’ve probably had the COVID-19 coronavirus social-engineering scams quietly filtering into, hopefully, your junk folder by now. Featuring anything from bogus medical research with malware-laden URLs to one-to-one approaches offering fake vaccines, it’s not taken

Remember when Republicans said Dems hacked voting systems to rig Georgia’s election? There were no hacks

‘No evidence of damage to network or computers, no evidence of theft, damage, or loss of data’ On November 4th, 2018, now-Georgia Republican Governor Brian Kemp announced an investigation into his rival Democratic party, accusing the organization of trying to hack the US state’s voter registration system.…

Remember when Republicans said Dems hacked voting systems to rig Georgia’s election? There were no hacks

‘No evidence of damage to network or computers, no evidence of theft, damage, or loss of data’ On November 4th, 2018, now-Georgia Republican Governor Brian Kemp announced an investigation into his rival Democratic party, accusing the organization of trying to hack the US state’s voter registration system.…

Six Cisco servers compromised when hackers exploited SaltStack Salt flaws

Six Cisco salt-master backend servers were compromised when attackers exploited two recently reported vulnerabilities in SaltStack Salt. Cisco revealed the attacks in an advisory, saying the Cisco Modeling Labs Corporate Edition (CML) and the Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE) were vulnerable. In early May one or more

States’ lack of DMARC adoption ups risk of Covid-19 email spoofing scams

As phishing scammers actively impersonate institutions like the World Health Organization and Centers for Disease Control in order to capitalize on Covid-19 fears, government bodies and state-run health care organizations continue to make themselves vulnerable to email spoofing scams that leverage their names by failing to employ DMARC email validation

Kentucky is 6th state to disclose leak of unemployment claims amid Covid-19

Kentucky has become the sixth state to disclose a data leak related to unemployment-related forms that has taken place during the Covid-19 pandemic. The Kentucky Education & Workforce Development Cabinet (EWDC) on Thursday acknowledged that a vulnerability in its Unemployment Insurance Portal caused a data leak that allowed insurance claimants