
DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report
2020-12-14 19:08

The U.S. Department of Homeland Security, plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. SolarWinds acknowledged the bug in an advisory over the weekend, saying that exploitation of the issue must be done in a "narrow, extremely targeted, and manually executed attack," and was likely the work of a nation-state.

Kaspersky: Gamers face high and ongoing risk of identity theft and bullying
2020-12-14 19:01

A survey of gamers worldwide found that gamers deal with bullying and theft of in-game valuables in addition to identity theft. American gamers are at a higher risk for identity theft than gamers around the world, according to new research from security firm Kaspersky.

Backdoored SolarWinds software, linked to US govt hacks, in wide use throughout the British public sector
2020-12-14 18:40

Concern is gathering over the effects of the backdoor inserted into SolarWinds' network monitoring software on Britain's public sector - as tight-lipped government departments refuse to say whether UK institutions were accessed by Russian spies. Research by The Register has shown that SolarWinds' Orion is used widely across the British public sector, ranging from the Home Office and Ministry of Defence through NHS hospitals and trusts, right down to local city councils.

Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails
2020-12-14 18:36

The attackers leveraged hundreds of compromised, legitimate email accounts to target organizations with emails that pretended to be document delivery notifications. In reality, the phishing attack stole victims' Office 365 credentials.

US government agencies compromised by foreign nation-state
2020-12-14 16:57

The following day, the Cybersecurity and Infrastructure Security Agency issued an emergency directive asking all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately. FireEye, SolarWinds, Microsoft, and other sources all have pointed to a foreign nation-state as the source of this prolonged attack.

Mozilla shares fix for Netflix, Hulu errors on Apple Silicon Macs
2020-12-14 16:38

Mozilla has shared info on how to fix a known issue leading to errors on multiple video streaming platforms including Netflix, Hulu, Disney+, and Amazon's Prime Video on the Mac version of Firefox 84. "If you're on a Mac with Apple Silicon and are experiencing errors when trying to watch Netflix, Hulu, Disney+, Prime or another streaming service after installing Firefox 84+, you might need to install Rosetta," Mozilla says in a recently published support document.

New Windows Trojan Steals Browser Credentials, Outlook Files
2020-12-14 16:34

Researchers have discovered a new information-stealing trojan, which targets Microsoft Windows systems with an onslaught of data-exfiltration capabilities, from collecting browser credentials to targeting Outlook files. "AridViper is an active threat group that continues developing new tools as part of their arsenal," researchers with Palo Alto's Unit42 research team said in a Monday analysis.

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise
2020-12-14 16:26

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. In a security advisory, Austin, Texas-based SolarWinds acknowledged its systems "experienced a highly sophisticated, manual supply chain attack on SolarWinds Orion Platform software builds for versions 2019.4 HF 5 through 2020.2.1, released between March 2020 and June 2020."

Windows 10 to get a built-in command-line disk space analyzer
2020-12-14 15:48

Microsoft is working on a new built-in command-line 'Disk Usage' utility that reports how much disk space a folder uses. In the past, users would need to download free tools like TreeSize to list folders using the most space.

Sophos, ReversingLabs Release 20 Million Sample Dataset for Malware Research
2020-12-14 15:33

Sophos and ReversingLabs on Monday announced SoReL-20M, a database of 20 million Windows Portable Executable files, including 10 million malware samples. Aimed at driving security improvements across the industry, the database provides metadata, labels, and features for the files within, and enables interested parties to download the available malware samples for further research.