Security News > 2021

Finland Faces Blizzard of FluBot-Spreading Text Messages
2021-11-30 18:11

The Flubot banking trojan is blanketing Finland, spreading via Android phones that are sending millions of malicious text messages. On Friday, the National Cyber Security Centre at the Finnish Transport and Communications Agency posted a "Severe" alert about the malware blizzard, which it said was spreading via dozens of message variants that are sneezing out Flubot like mad. Once installed, Flubot sets about gaining permissions, stealing banking information and credentials, lifting passwords stored on the device and squirreling away various pieces of personal information.

Panasonic’s Data Breach Leaves Open Questions
2021-11-30 17:56

Consumer electronics giant Panasonic's data breach raises questions, researchers say - given that more than two weeks after the incident was discovered, it's unclear if customers' personal information has been impacted. On Friday, Panasonic confirmed that its "Network was illegally accessed by a third party on November 11, 2021," and that "Some data on a file server had been accessed during the intrusion."

EwDoor botnet targets AT&T network edge devices at US firms
2021-11-30 17:26

A recently discovered botnet is attacking unpatched AT&T enterprise network edge devices using exploits for a four-year-old critical severity Blind Command Injection security flaw. The botnet, dubbed EwDoor by researchers at Qihoo 360's Network Security Research Lab, targets AT&T customers using EdgeMarc Enterprise Session Border Controller edge devices.

Become an ethical hacker for just $13 during this Cyber Week sale
2021-11-30 16:28

Now you can learn everything you need to become a master ethical hacker without having to take time away from your current job. If you would like to make 2022 the year you switch to an exciting new career in the lucrative tech industry, you really can't beat The All-In-One 2022 Super-Sized Ethical Hacking Bundle, since use coupon code CMSAVE70 during this Cyber Week sale to get it for just $12.90.

Android banking malware infects 300,000 Google Play users
2021-11-30 16:07

Malware campaigns distributing Android trojans that steals online bank credentials have infected almost 300,000 devices through malicious apps pushed via Google's Play Store. The Android banking trojans delivered onto compromised devices attempt to steal users' credentials when they log in to an online banking or cryptocurrency apps.

Visiting a booby-trapped webpage could give attackers code execution privileges on HP network printers
2021-11-30 15:59

Tricking users into visiting a malicious webpage could allow malicious people to compromise 150 models of HP multi-function printers, according to F-Secure researchers. The Finland-headquartered infosec firm said it had found "Exploitable" flaws in the HP printers that allowed attackers to "Seize control of vulnerable devices, steal information, and further infiltrate networks in pursuit of other objectives such as stealing or changing other data" - and, inevitably, "Spreading ransomware."

Controversial face matchers Clearview set to be fined over $20m
2021-11-30 15:13

The UK data protection regulator has announced its intention to issue a fine of £17m to controversial facial recognition company Clearview AI. Clearview AI, as you'll know if you've read any of our numerous previous articles about the company, essentially pitches itself as a social network contact finding service with extraordinary reach, even though no one in its immense facial recognition database ever signed up to "Belong" to the "Service". Early in 2020, those behemoths firmly told Clearview AI, "Stop leeching image data from our services."

Leaked footage shows British F-35B falling off HMS Queen Elizabeth and pilot's death-defying ejection
2021-11-30 14:55

Video footage has emerged of a British F-35B fighter jet falling off the front of aircraft carrier HMS Queen Elizabeth after a botched takeoff. The leaked clip, seemingly from a CCTV camera on the carrier's bridge, shows the Lockheed Martin-made stealth aircraft slowly trundling down the deck before tipping over the ski-jump ramp on her bows.

Lloyd's of London suggests insurers should not cover 'retaliatory cyber operations' between nation states
2021-11-30 14:02

The insurer's "Cyber War and Cyber Operation Exclusion Clauses", published late last week, include an alarming line suggesting policies should not cover "Retaliatory cyber operations between any specified states" or cyber attacks that have "a major detrimental impact on the functioning of a state." Although the wordings in the four clauses are published as a suggestion for insurers in Lloyd's-underwritten policies and are not concrete rules, they provide a useful indicator for the direction of travel in the slow-moving cyber insurance world.

Yanluowang Ransomware Tied to Thieflock Threat Actor
2021-11-30 13:56

A threat actor previously tied to the Thieflock ransomware operation may now be using the emerging Yanluowang ransomware in a series of attacks against U.S. corporations, researchers have found. Researchers found a "Tentative link" between the new Yanluowang attacks and older attacks involving Thieflock, a ransomware-as-a-service developed by the Canthroid group, also known as Fivehands.