Security News > 2020 > November

Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks. DNS cache poisoning attacks refer to polluting this very cache existing on intermediary servers.

The UK's ruling Conservative Party has been using personal data in a way that spots an individual's likely county of origin, ethnic origin and religion based on their first and last name. According to an ICO report, the Tory party purchased so-called "Estimated onomastic data" and appended it to the records of 10 million voters.

President Donald Trump's administration said Wednesday it was still working to resolve its security concerns over Chinese-owned app TikTok after the firm sought to delay a deadline to sell its US operations. On Wednesday, the US Treasury Department said in a statement it "Remains focused on reaching a resolution of the national security risks arising from ByteDance's acquisition of Musical.ly."

As detailed in its "Q3 2020 Threat Landscape Report," Nuspire discovered more than 3.6 million malware events over the third quarter, an increase of 128% from the second quarter. More than 43,000 malware variants were seen each day, with almost 1,200 unique ones found for the entire quarter.

Google is asking Chrome desktop users to prepare to update their browsers once again as two more zero-day vulnerabilities have been identified in the software. CVE-2020-16017 is described by Google as a "Use-after-free in site isolation," which is the Chrome component that isolates the data of different sites from each other.

Schneider Electric this week released advisories for vulnerabilities impacting various products, including flaws that can be exploited to take control of Modicon M221 programmable logic controllers. "By bypassing authentication protections and having direct access to manipulate the PLC, an attacker could take over complete control of the PLC actions, which could be catastrophic depending what type of OT environment the PLC is deployed," Sigler explained.

LC: Trying to plug IT security on top of operations has caused the water to be bloodied for many years, often times there are very hostile relationships between the IT and the operational teams because IT security's been trying to force what we consider standard cyber security models on top of the OT systems, and it just doesn't work. So if you don't have basic incident response preparation done in either your IT or OT environment, you're going to see spending a lot more money when you have an incident to have it done by your consulting incident respondent, or even your on staff highly paid incident responders.

Cloud security company Menlo Security on Thursday announced that it has raised $100 million in a Series E funding round, valuing the firm at $800 million. The latest funding round, which brings the total raised by Menlo Security to $260.5 million, was led by Vista Equity Partners, with participation from Neuberger Berman, General Catalyst, JP Morgan and other existing investors.

Google has released Chrome 86.0.4240.198 for Windows, Mac, and Linux to address two zero-day vulnerabilities exploited in the wild. Google Chrome 86.0.4240.198 will roll out over the coming days.

A new email tool advertised on a cybercriminal forum provides a stealthier method for carrying out fraud or malware attacks by allowing messages to be injected directly into the victim's inbox. Called "Email Appender," the tool can enable more sophisticated phishing and business email compromise attacks as well as help the less technical actors in the ransomware business.