Security News > 2020 > December
"Forrester sees the data stack extending beyond the data fabric into data networks. Data management will be centralized and hyper-local to create in-moment intelligence and experiences," Goetz said. Ali Siddiqui, chief product officer at BMC Software, noted that a key element of the future of the modern data stack will be the inclusion of AI/ML-driven intelligent and predictive analytics capabilities leveraging a broad range of both historical and real-time data.
A recently observed Pegasus spyware infection campaign targeting tens of Al Jazeera journalists leveraged an iMessage zero-click, zero-day exploit for infection. Cybersecurity firms and human rights organizations have detailed multiple malicious attacks involving Pegasus, many of them targeting journalists and human rights activists.
With cybersecurity issues, it's especially important that users understand the information provided by IT and leadership. That's too bad, as not understanding what it means and how it affects us can lead to lapses in a company's cybersecurity.
British cryptocurrency exchange EXMO has disclosed that unknown attackers withdrew almost 5% of its total assets after compromising its hot wallets. Hot wallets are Internet-connected and are used by exchanges to temporarily store assets for ongoing transactions and transfers, unlike cold wallets, which have no Internet connection.
In an 8-K filing to the US Securities and Exchange Commission, SolarWinds has given more details on exactly how it learned its servers were spewing out malware. Security shop FireEye, as well as other sources, have confirmed that the main malware controller being used in the SolarWinds attack has been killed off this week.
The recent SolarWinds software supply chain breach is a clear indication that strong OT cybersecurity is a must-have in today's threat environment. Waterfall's technologies have long enabled integration between OT networks and enterprise networks without the risk of any attack getting back into the protected network.
Just as ICS-CERT published a new advisory detailing four new vulnerabilities in the Treck TCP/IP stack, Forescout released an open-source tool for detecting whether a network device runs one of the four open-source TCP/IP stacks affected by the Amnesia:33 vulnerabilities. Previous vulnerability research by JSOF researchers explained how separate branches of the vulnerable stack came to be.
Almost a dozen Dell Wyse thin client models are vulnerable to critical issues that could be exploited by a remote attacker to run malicious code and gain access to arbitrary files. It is estimated that more than 6,000 organizations, most of them from the healthcare sector, have deployed Dell Wyse thin clients on their networks.
VMware and Cisco have shared information on the impact of the SolarWinds incident, and VMware has responded to reports that one of its products was exploited in the attack. The NSA advisory on the exploitation of the VMware vulnerability also mentions SAML abuse, and security blogger Brian Krebs reported learning from sources that the SolarWinds attackers also exploited the VMware flaw.
The US Department of Justice has seized two domain names used to impersonate the official websites of biotechnology companies Moderna and Regeneron, which are involved in the development of COVID-19 vaccines. While almost perfectly cloning the contents of the real sites, the websites seized by the federal government were instead used for various malicious purposes, including running scams, infecting visitors with malware, and collecting sensitive info in phishing attacks.