Security News > 2020 > December

Japanese game developer Koei Tecmo has disclosed a data breach and taken their European and American websites offline after stolen data was posted to a hacker forum. Since learning of the attack, Koei Tecmo released a data breach advisory stating that a forum on a UK subsidiary's website was compromised and the stolen data was leaked online.

Apple users are experiencing problems setting up new devices or accessing files stored on the cloud due to an ongoing iCloud outage that has lasted for more than 24 hours. Starting yesterday at 4:45 AM EST, Apple has been experiencing an outage with its iCloud service that prevents users from logging into the service, accessing files, or setting up new devices.

SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform. After analyzing the SolarWinds breach, both Palo Alto Networks Unit 42 and Microsoft reported on an additional malware named SuperNova distributed using the App Web logoimagehandler.

A ten-foot giant squid has washed ashore on the Western coast of Japan. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my...

Leading cybersecurity firm CrowdStrike was notified by Microsoft that threat actors had attempted to read the company's emails through compromised by Microsoft Azure credentials. While performing their investigation, CrowdStrike was told by Microsoft on December 15th that a compromised Microsoft Azure reseller's account was used to try and read CrowdStrike's emails.

Creating an oasis of health in your home is getting easier with the help of sensors and IoT devices. "To create a home that is good for the planet, one must first create an energy or thermally efficient home-but to do this effectively you also need an array of sensors along with a standalone energy recovery ventilator that connects to your heating and air conditioning systems and constantly draws fresh, clean air into your home while removing stale air," said Matt Howland, president of Dvele, which designs and manufactures modular and prefab homes.

The Dridex malware gang is delivering a nasty gift for the holidays using a spam campaign pretending to be Amazon Gift Cards. Such is the case in a recent phishing campaign discovered by cybersecurity firm Cybereason that pretends to be an Amazon gift certificate sent via email.

"Cybersecurity is very good at identifying activities that are black or white-either obviously bad and dangerous or clearly good and safe," writes Margaret Cunningham, PhD, psychologist and principal research scientist at Forcepoint's Innovation Lab, in her research paper Exploring the Gray Space of Cybersecurity with Insights from Cognitive Science. "But, traditional cybersecurity tools struggle with ambiguity-our algorithms are not always able to analyze all salient variables and make a confident decision whether to allow or block risky actions."

Citrix has issued an emergency advisory warning its customers of a security issue affecting its NetScaler application delivery controller devices that attackers are abusing to launch amplified distributed denial-of-service attacks against several targets. The desktop virtualization and networking service provider said it's monitoring the incident and is continuing to investigate its impact on Citrix ADC, adding "The attack is limited to a small number of customers around the world."

A team of researchers today unveiled two critical security vulnerabilities in Dell Wyse Thin clients that could have potentially allowed attackers to remotely execute malicious code and access arbitrary files on affected devices. The flaws, which were uncovered by healthcare cybersecurity provider CyberMDX and reported to Dell in June 2020, affects all devices running ThinOS versions 8.6 and below.