Security News > 2020

Perimeter 81 simplifies network security for the modern and increasingly remote and mobile workforce. Named a Deloitte Technology Fast 500 for EMEA and a Gartner Cool Vendor, Perimeter 81 has gained immediate market traction and quickly acquired more than 620 clients - including Fortune 500 companies and some of the most prominent organizations in government, entertainment, technology and AI. "Legacy network infrastructure has proven unable to support the modern security requirements of the modern workforce, creating a global need for unified security and network platforms that are cloud based and easy to use," said Perimeter 81 CEO and Co-Founder Amit Bareket.

As the world tackles the COVID-19 coronavirus pandemic, ransomware creeps have knocked offline a public health agency's website that served nearly a quarter of a million people in the US. The Champaign Urbana Public Health District in Illinois, covering 210,000 folks, including the state's biggest university, said today it has had to set up an alternate website as it deals with a ransomware infection that took down its primary site. A spokesperson for the district also confirmed an earlier report from Mother Jones that the outage, which began Tuesday morning, was caused by a ransomware infection rather than a crush of traffic.

Six new members joined Kantara Initiative including IDEMIA, the global leader in trusted identity. IDEMIA is joining Kantara as a member and accepted a seat on the Kantara Board of Directors.

Researchers have discovered a new strain of ransomware, dubbed "PXJ," which emerged in the wild in early 2020. While PXJ performs functions similar to other ransomware variants, it does not appear to share the same underlying code with most known ransomware families, researchers said.

The trojans are designed to gain control of Facebook user accounts by capturing browser cookies in Android, says Kaspersky. This trojan captures root rights on an Android device, thus allowing it to steal cookies from the browser and from Facebook and transfer them to the server of the cybercriminals behind it.

Their tastes however can run to a different sort of cookie, as evidenced by a fresh strain of Android malware that may be implanted prior to users purchasing a device. Appropriately dubbed "Cookiethief" by the Kaspersky researchers who discovered it, the trojan has a straightforward goal: "Its main task was to acquire root rights on the victim device, and transfer cookies used by the browser and Facebook app to the cybercriminals' server," explained Kaspersky researchers Anton Kivva and Igor Golovin, in an analysis on Thursday.

Cybersecurity incidents are also a grave problem for companies across global supply chains as more enterprises adopt digitized management systems. A new report from supply chain company Resilience360 goes into detail about the cyberthreats facing supply chains in 2020 and the bevy of incidents that occurred throughout 2019.

Microsoft has released an out-of-band emergency patch for a wormable remote-code execution hole in SMBv3, the Windows network file system protocol. The SMB bug fix was a late addition to Microsoft's March edition of Patch Tuesday - after the security hole was accidentally disclosed by the Cisco Talos research team in a blog post recapping this month's updates: Cisco thought Microsoft had fixed the bug this week as part of March's Patch Tuesday, and alerted the world to the bug's presence to get people to install their updates.

Microsoft has released out-of-band updates for Windows to patch a critical remote code execution vulnerability in Server Message Block 3.0 that has been described as "Wormable." The vulnerability, related to the way SMB 3.1.1 handles certain requests, can be exploited by an unauthenticated attacker to execute arbitrary code on SMB servers and clients.

The Russia-linked threat group known as Turla was observed using two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019, ESET reports. Also known as Waterbug, KRYPTON, Snake, and Venomous Bear, and active for more than a decade, Turla is known for the targeting of various diplomatic and military organizations, with a focus on NATO and Commonwealth of Independent States nations.