Security News > 2020 > November

Patch Google Chrome with the latest updates - if you don't, you're vulnerable to a zero-day that is actively being exploited, the US Cybersecurity and Infrastructure Security Agency has warned. Criminals are targeting users of Chrome with outdated installations, CISA said in an advisory note urging folk to update their browsers immediately.

Consumer anxiety regarding the election results had a muted impact on online shopping activities on Election Day, Nov. 3. Adobe's report noted that today, the day after the election, there will be an expected 13% drop in sales, versus the previous three days, in which online sales increased by 31%. "To be clear," said Taylor Schreiner, director at Adobe Digital Insights, "We're not basing our forecast on who wins the presidency, rather we're looking at people's propensity to shop online during an election cycle, based on historical context."

Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Leaving aside the notion that victims might have any real expectation the attackers will actually destroy the stolen data, new research suggests a fair number of victims who do pay up may see some or all of the stolen data published anyway.

We advised everyone to look for a Chrome or Chromium version number ending in .111, given that the previous mainstream version turned out to include a buffer overflow bug that was already known to cybercriminals. The ultimate sort of crack - the gold-medal-with-a-laurel-wreath version - was one that came out with a zero-day delay, where the game and its revenue-busting crack appeared on the very same day.

The retrial of a former CIA software engineer charged with leaking secrets to WikiLeaks in an espionage case will begin June 7, a judge said Wednesday. U.S. District Judge Paul A. Crotty set the date for Joshua Schulte over the objections of a defense lawyer who said it would be impossible to properly prepare for a trial that started before August.

American toy manufacturing giant Mattel this week revealed that it fell victim to a ransomware attack that impacted some of its operations. Founded in 1945 and headquartered in El Segundo, California, Mattel is one of the largest toy sellers in terms of revenue, with its operations divided into three segments, namely North America, International, and American Girl.

The Qbot botnet is now spewing U.S. election-themed phishing emails used to infect victims with malicious payloads designed to harvest user data and emails for use in future campaigns. "In addition to stealing and exfiltrating data from its victims, QBot will also start grabbing emails that will later be used as part of the next malspam campaigns," Malwarebytes' Jérôme Segura and Hossein Jazi explain.

PAS Global, a technology company with deep roots in software solutions for process safety and asset reliability for industrial firms, announced on Wednesday that it has agreed to be acquired by Hexagon AB, a provider of sensor, software, and autonomous solutions based in Sweden. "The relationship began as part of a capital raise, with Hexagon initially being evaluated as one of several potential investors interested in helping PAS continue their massive growth," a PAS spokesperson told SecurityWeek.

Ransomware gangs are increasingly failing to keep their promise to delete stolen data after a victim pays a ransom. In the Coveware Q3 2020 ransomware report released today, we learn that some ransomware gangs do not keep their promise to delete stolen data after a ransom is paid.

Top toymaker Mattel revealed it was a victim of a ransomware attack that successfully encrypted some data and temporarily crippled a limited number of business functions. "Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations," according to the company's 10-Q regulatory filing with the SEC. It's unclear how the attack occurred, the malware used, threat actors behind the attack and strain of ransomware used by adversaries.