Security News > 2020 > October
A study of more than 9,000 instances of business email compromise attacks all over the world shows that the number has skyrocketed over the past year, and that the social-engineering scam has expanded well beyond its historic roots in Nigeria. Researchers found BEC attacks currently make up a full 40 percent of cybercrime losses globally, impacting at least 177 countries.
FIN11 is a new designation for a financially motivated threat actor that may previously have been obscured within the activity set and group usually referred to as TA505. The group now defined by Mandiant Threat Intelligence researchers as FIN11 similarly uses large-scale phishing campaigns, but is primarily defined by its unique use of the CLOP ransomware.
Intel on Wednesday talked up a set of security features planned for its promised third-generation Xeon Scalable Processors, code-named Ice Lake, which are supposed to show up before the end of the year. The chip biz said it's "doubling down on its Security First Pledge," as if some sort of quantitative measurement of security could be calculated and weighed against prior security commitments.
UPDATE. A critical security bug in the SonicWall VPN portal can be used to crash the device and prevent users from connecting to corporate resources. "The most notable aspect of this vulnerability is that the VPN portal can be exploited without knowing a username or password," Young told Threatpost.
This is the rider in the Boards' willingness to invest - all three of these investment triggers are reactive; that is, they are tactical responses rather than strategic plans. "The fact Boards mainly approve investments after a security incident or through fear of regulatory penalties for non-compliance," comments Terence Jackson, CISO for the privilege management firm Thycotic, "shows that cybersecurity investment decisions are more about insurance than about any desire to lead the field which, in the long run, limits the industry's ability to keep pace with the cybercriminals."
AI-powered cybersecurity company Darktrace saw a sharp rise in the proportion of pandemic-related phishing emails. Darktrace's Antigena Email uses machine learning to go beyond matching an email's characteristics against a known set of malicious ones.
Bluetooth vulnerabilities that a Google security researcher has identified in the Linux kernel could be exploited to run arbitrary code or access sensitive information. The most severe of these flaws is CVE-2020-12351, a heap-based type confusion that affects Linux kernel 4.8 and higher.
I'll be speaking at the IEEE Symposium on Technology and Society virtual conference, November 12-15, 2020. I'll be on a panel at the OECD Global Blockchain Policy Forum 2020 on November 17, 2020.
The Silent Librarian campaign has re-emerged for the fall school session, actively targeting students and faculty at universities via spear-phishing campaigns. The goal is to harvest not just logins to sell online, but also proprietary university research and data, researchers said.
Microsoft is performing a test where they are installing a suite of Office progressive web apps in Windows 10 without asking permission from the user. Over the past week, Microsoft has been conducting a test where they have been forcibly installing Word, Excel, PowerPoint, and Outlook PWAs into Microsoft Edge and registering them with Windows 10.