Security News > 2020 > April

Google announces cull of low-quality, misleading Chrome extensions
2020-04-30 13:36

With Google Chrome being by far the most widely used web browser, Google must constantly tweak protections, rules and policies to keep malicious, unhelpful and otherwise potentially unwanted extensions out of the Chrome Web Store (CWS). The latest change of that kind has been announced for August 27th 2020, when Google plans to boot "low-quality and misleading" Chrome extensions from the CWS.

Bumper Adobe update fixes flaws in Magento, Bridge and Illustrator
2020-04-30 13:29

After a light Patch Tuesday earlier this month, Adobe has issued an unexpectedly large bundle of critical security fixes for flaws affecting its Magento, Bridge and Illustrator products. The vulnerabilities affect version 10.0.1 and earlier for Windows and updates to Bridge version 10.0.4 for both Windows and macOS. The different versions of the Magento ecommerce platform, Open Source and Enterprise, get fixes for 13 CVEs, including six rated critical, in APSB20-22, individually listed with PRODSECBUG numbers.

Coronavirus delays trial of alleged Russian hacker a third time
2020-04-30 13:29

Justice has already been slow in this case, and the pandemic isn't helping: His trial has been postponed for a third time. Nikulin's trial in San Francisco federal court began 9 March but was paused on 18 March because of the coronavirus.

Passwordless Authentication Provider 'Secret Double Octopus' Raises $15 Million
2020-04-30 13:25

Tel Aviv, Israel-based Secret Double Octopus has raised $15 million in a Series B funding round from Sony Financial Ventures, KDDI, and Global Brain as well as prior investors. The firm provides passwordless authentication for enterprises, and is eyeing the growing WFH market.

COVID-19 Lockdown Fuels Increase in RDP Attacks
2020-04-30 13:06

According to Kaspersky, the number of brute-force RDP attacks has rocketed all around the world. At the beginning of March, the security company was observing RDP attempts in the low hundreds of thousands per country, per day, but in some countries the volume grew to nearly 1 million attacks per day toward the end of the month.

Brute force attacks against remote desktop apps skyrocket during pandemic lockdown
2020-04-30 13:00

Kaspersky Labs is reporting a massive increase in brute force attacks against Microsoft's RDP protocol since the beginning of March, coinciding perfectly with coronavirus lockdowns and increased numbers of people working from home. Brute force attacks are decidedly blunt in their approach: Rather than try to sneak in a backdoor or bypass security, a brute force attack simply tries logging in to a system with a known username and all possible passwords.

YARA 4.0.0 Released With Important New Features
2020-04-30 12:38

YARA 4.0.0 was released on Wednesday with some important new features and performance improvements. The previous update to YARA, version 3.11.0, was released in October 2019, but Victor Alvarez, the creator of YARA, who currently works as a software engineer for Google's VirusTotal service, on April 29 announced the release of version 4.0.0.

Shade Threat Actors Call It Quits, Release 750K Encryption Keys
2020-04-30 12:17

The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User "Shade-team" posted four files on the code repository earlier this week, one containing the file keys and four "ReadMe" files with decryption instructions and other information.

Android Ransomware Asks for Victim's Credit Card Info
2020-04-30 11:44

A piece of Android ransomware uses a scareware tactic to extort money from victims: it asks them to provide their credit card information to pay a "Fine," Check Point reveals. Dubbed Black Rose Lucy, or simply Lucy, the malicious program was initially discovered in 2018 as a Malware-as-a-Service botnet and dropper for Android devices.

How to thwart human-operated ransomware campaigns?
2020-04-30 11:42

"Using an attack pattern typical of human-operated ransomware campaigns, attackers have compromised target networks for several months beginning earlier this year and have been waiting to monetize their attacks by deploying ransomware when they would see the most financial gain," says the Microsoft Threat Protection Intelligence Team. "Human-operated ransomware attacks represent a different level of threat because adversaries are adept at systems administration and security misconfigurations and can therefore adapt to any path of least resistance they find in a compromised network," the team explained.