New Backdoors Used by Hamas-Linked Hackers Abuse Facebook, Dropbox
2020-12-10 16:10

Two new backdoors have been attributed to the Molerats advanced persistent threat group, which is believed to be associated with the Palestinian terrorist organization Hamas. In early 2020, security researchers at Cybereason's Nocturnus group published information on two new malware families used by the APT, namely Spark and Pierogi.

Zero-Click Wormable RCE Vulnerability in Cisco Jabber Gets Fixed, Again
2020-12-10 16:09

The bug impacts Cisco Jabber for Windows, Jabber for MacOS and Jabber for mobile platforms. The most serious of the bugs, a cross-site scripting flaw, impacts Cisco Jabber for Windows and Cisco Jabber for MacOS. The flaw allows an authenticated, remote attacker to execute programs on a targeted system.

Application Intelligence Firm Bionic Emerges From Stealth With $17M in Funding
2020-12-10 15:36

Palo-Alto, California-based application intelligence startup Bionic on Thursday announced that it has emerged from stealth mode with $17 million in seed and Series A funding. The company's platform is designed to help enterprises perform an inventory of their applications, identify their entire architecture, APIs and data flows, and track critical application changes.

Cyber Monday is Every Monday: Securing the ‘New Normal’
2020-12-10 15:00

From eCommerce threats, to attacks at the smart edge, Fortinet researchers discuss the top evolving threats of 2020, heading into the new year. Though eCommerce threats are usually only top-of-mind during the holiday shopping season, researchers have been on high alert when it comes to cybercriminal activity in the retail space during all of 2020, due to troves of new shoppers and stores going online.

S3 Ep10: Hacking iPhones, sunken Enigmas and double scams [Podcast]
2020-12-10 14:40

In this episode, we dig into research that figured out a way to steal data from iPhones wirelessly; we tell the fascinating story of how environmentalist divers in Germany came across an old Enigma cipher machine at the bottom of the Baltic sea; and we give you advice on how to talk to phone scammers.

Microsoft Details Plans to Improve Security of Internet Routing
2020-12-10 14:21

Microsoft this week shared details on the steps it will take in an effort to ensure improved security for Internet routing. The Border Gateway Protocol (BGP), on which the Internet runs, relies on autonomous systems to exchange routing and reachability information.

250,000 stolen MySQL databases for sale on dark web auction site
2020-12-10 13:39

Hackers have set up an auction site on the dark web to sell 250,000 databases stolen from tens of thousands of breached MySQL servers. Back in May, BleepingComputer reported on an attacker who was stealing SQL databases from online shops and threatening victims that their data would become public if they did not pay 0.06 BTC. Although the hacker's website on the clear web listed only 31 databases, the number of abuse reports for the wallet left in the ransom note was above 200, indicating a much larger operation.

UK union pens letter to data watchdog on icky workplace monitoring systems like Microsoft's Productivity Score
2020-12-10 13:30

UK trade union Prospect has chimed in with the chorus of disapproval at technologies such as Microsoft's Productivity Score being used on the nation's workers. The letter [PDF], sent to data watchdog the Information Commissioner's Office, makes clear the disquiet felt at the potential level of employee monitoring afforded even while acknowledging the rapid back-pedalling undertaken by Redmond amid the furore.

Russian Cyberspies Use COVID-19 Vaccine Lures to Deliver Malware
2020-12-10 13:06

The Russia-linked cyberspy group known as Zebrocy has adopted COVID-19 vaccine-related lures in a recently observed phishing campaign, threat detection and response company Intezer reported on Wednesday. Initially detailed in 2018, Zebrocy is believed to be associated with the infamous Russian state-sponsored hacking group Sofacy.

Focusing the SOC on Detection and Response
2020-12-10 13:03

In his paper, "Prevention is Futile in 2020: Protect Information Via Pervasive Monitoring and Collective Intelligence", he projected that by 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from less than 10% in 2013. In subsequent years, the definition shifted towards detection and response with vulnerability management remaining part of security operations, but not a core focus of the SOC. In 2017, Gartner began describing SOAR as the convergence of SOA, SIR and threat intelligence.