Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws. [...]
America covers cybersecurity incidents, policy, privacy, public services, advisories, and regional developments affecting digital security.
Search across headline titles and summaries.
Background for this topic.
America covers cybersecurity and information-security developments connected to America, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving America's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws. [...]
The U.S. Department of Health and Human Services (HHS) warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler vulnerability actively exploited in attacks. [...]
Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon
A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced
Vladimir Dunaev Faces Up to 35 Years in PrisonA Russian national pleaded guilty in U.S. federal court for his role in developing TrickBot. Operators of the malware targeted hospitals and healthcare centers with ransomware attacks during the height of the novel coronavirus pandemic. Vladimir Dunaev faces up to 35 years in prison.
House Members Warn That Chinese-Made LiDAR Technology May Already Be in US DevicesA bipartisan group of lawmakers urged the Biden administration to consider intensifying restrictions on semiconductor sales to Chinese companies in a bid to ensure that U.S. remote-sensing technology doesn't aid Beijing's national security efforts.
On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware, which was used in attacks against hospitals, companies, and individuals in the United States and worldwide. [...]
A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States, the Middle East, and Africa. [...]
The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot malware and botnet. While the operation was successful in disrupting this long-running threat, concerns have arisen as it appears that Qakbot may still pose a danger in a reduced form. This article discusses the aftermath of the takedown, provides mitigation
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective known as Kimsuky as well as eight foreign-based agents who are alleged to have facilitated sanctions evasion
American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data. [...]
The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds
Melissa Hathaway, a former White House cybersecurity adviser, says Biden is pushing through more regulatory reforms than previous administrations.
CISA calls for stronger IT defenses as Texas district also hit by ransomware crew CISA is investigating a cyberattack against a Pennsylvania water authority that has been linked to what are suspected to be Iranian miscreants. The US Homeland Security agency also warned it is expecting more attempts to subvert programmable logic controllers in America's critical infrastructure.…
CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online. [...]
The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania
One of the cybercrime underground's more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned.
Global Cybersecurity Agencies Say 'Secure by Design' Is Key to AI Threat MitigationNearly two dozen national cybersecurity organizations on Sunday urged AI developers to embrace "secure by design" and other preventive measures aimed at keeping hackers out from the mushrooming world of AI systems. The United Kingdom and United States spearheaded its development.
American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. [...]