Security News > 2020 > November

Imaging and optical giant Canon this week revealed that data was stolen in a ransomware attack it fell victim to in early August 2020. The incident, discovered on August 4, resulted in threat actors having access to Canon's network between July 20 and August 6.

The US Treasury on Wednesday said it had extended by seven days the November 27 deadline given to the Chinese owner of TikTok to sell the popular social media platform's American business. Trump, who lost his bid for re-election this month, has claimed that TikTok - which has some 100 million US users - can be used to collect data on Americans for Chinese espionage, a claim denied by the company.

Drupal has released emergency security updates to address a critical vulnerability with known exploits that could allow for arbitrary PHP code execution on some CMS versions. "These statistics are incomplete; only Drupal websites using the Update Status module are included in the data," Drupal says.

The developers of the Drupal content management system released out-of-band security updates right before Thanksgiving due to the availability of exploits. The core updates released for Drupal 7, 8.8, 8.9 and 9.0 on November 25 address a couple of vulnerabilities affecting PEAR Archive Tar, a third-party library designed for handling.

American democracy is an information system, in which the information isn't bits and bytes but citizens' beliefs. As the democratic theorist Adam Przeworski puts it, democracy is "a system in which parties lose elections." These beliefs can break down when political insiders make bogus claims about general fraud, trying to cling to power when the election has gone against them.

An unofficial patch is now available through ACROS Security's 0patch service for a zero-day vulnerability identified earlier this month in Windows 7 and Windows Server 2008 R2. The privilege escalation flaw, detailed by security researcher Clément Labro on November 12, exists because all users have write permissions for HKLM\SYSTEM\CurrentControlSet\Services\Dnscache and HKLM\SYSTEM\CurrentControlSet\Services\RpcEptMapper, two keys that could be used for code execution. Specifically, the researcher discovered that a local non-admin user could target either of the two keys to create a Performance subkey, then trigger performance monitoring to load an attacker DLL through the Local System WmiPrvSE.exe process, and execute code from it.

French multinational production and distribution firm Banijay Group SAS was hit earlier this month by a DoppelPaymer ransomware attack and had sensitive information stolen by the ransomware operators during the incident. While Banijay has only shared that they have suffered a cyber-attack and that some of their data might have been compromised, the DoppelPaymer ransomware gang is claiming to be responsible.

Scammers are trying to steal email credentials from employees by impersonating their organization's human resources department in phishing emails camouflaged as internal 'back to work' company memos. These phishing messages have managed to land in thousands of targeted individuals' mailboxes after bypassing G Suite email defenses, according to stats provided by researchers at email security company Abnormal Security, who spotted this phishing campaign.

How is Britain's £1.3bn National Cyber Security Strategy going? Nobody really cares any more - even the Cabinet Office, judging by its latest progress report. In a report issued this week the Cabinet Office waffled for several tens of pages saying how much work Britain's various governmental organs had done that vaguely fits under the banner of the National Cyber Security Strategy.