Security News > 2020 > December

NSA on Authentication Hacks (Related to SolarWinds Breach)
2020-12-18 16:35

The NSA has published an advisory outlining how "malicious cyber actors" are "manipulating trust in federated authentication environments to access protected data in the cloud." This is related to the SolarWinds hack I have previously written about, and represents one of the techniques the SVR is using once it has gained access to target networks. The actors leverage privileged access in the on-premises environment to subvert the mechanisms that the organization uses to grant access to cloud and on-premises resources and/or to compromise administrator credentials with the ability to manage cloud resources.

Cyberpunk 2077 Headaches Grow: New Spyware Found in Fake Android Download
2020-12-18 16:32

The latest twist is ransomware targeting Android devices disguised as a legitimate download of the new open-world game. New Android #Ransomware disguised as #Cyberpunk2077 game.

AI, ML can bolster cybersecurity, and vice versa, professor says
2020-12-18 16:09

TechRepublic's Karen Roby spoke with Dr. Danda Rawat, professor of electrical engineering and computer science at Howard University, about artificial intelligence, machine learning and how they can help cybersecurity. Danda Rawat: My research projects are focusing on cybersecurity for artificial intelligence systems and the machine learning algorithms.

Cybersecurity can use some help from AI and ML
2020-12-18 16:07

Howard professor says security must reach all types of networks, including IoT and ad hoc networks.

Insider Threats: What Are They, Really?
2020-12-18 16:00

When we talk about insider threats, in reality, we're usually talking about people who have made a mistake that led to a breach of company information. A disgruntled employee chooses to leak data and cause the company harm.

Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm's CRM customers
2020-12-18 15:32

A business app developer's unsecured Microsoft Azure blob left more than half a million confidential and sensitive documents belonging to its customers freely exposed to the public internet, The Register can reveal. The blob also included FedEx shipment security documentation, internal complaints from foodstuffs firm Huel, an investment management firm, and countless others - and in at least one example seen by The Register a passport scan.

Mad About Malware: Hot Spots and Trends in 2020
2020-12-18 15:00

The trends in malware that we've seen this year reflect both adversary intent and capability. Threat researchers have seen some common trends and hot spots this year when it comes to malware.

Stealthy Magecart malware mistakenly leaks list of hacked stores
2020-12-18 14:47

A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan on compromised e-commerce sites. Researchers at Sansec, a security company focused on protecting e-commerce stores from web skimming attacks, said that the malware was delivered in the form of a 64-bit ELF executable with the help of a PHP-based malware dropper.

UK Energy Startup 'People's Energy' Discloses Data Breach
2020-12-18 14:42

UK energy supplier People's Energy this week started informing customers of a data breach that affected some of their personal information. In a data breach notification published on its website, the energy supplier reveals that, on December 16, it was the victim of a cyberattack in which an unauthorized party accessed one of the systems used to store member data.

5G standalone networks may have more vulnerabilities than you think
2020-12-18 14:29

Global cybersecurity company Positive Technologies identified several potential vulnerabilities in 5G standalone networks that could result in denial of service for customers and trouble for network operators. In the new report, "5G Standalone core security research," researchers analyzed the security of the network architecture, interaction of network elements, and subscriber authentication and registration procedures.