Security News > 2021 > January

Cisco's SpamCop anti-spam service suffered an outage Sunday after its domain was mistakenly allowed to expire. SpamCop provides a Real-time Blackhole List that mail servers can use to determine if incoming mail should be considered spam.

Law enforcement agencies from as many as eight countries dismantled the infrastructure of Emotet, a notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks over the past decade. "What made Emotet so dangerous is that the malware was offered for hire to other cybercriminals to install other types of malware, such as banking Trojans or ransomware, onto a victim's computer."

"This vulnerability allows an attacker to relay NTLM authentication sessions to an attacked machine, and use a printer spooler MSRPC interface to remotely execute code on the attacked machine," the researchers said in a Friday advisory. NTLM relay attacks are a kind of man-in-the-middle attack that typically permits attackers with access to a network to intercept legitimate authentication traffic between a client and a server and relay these validated authentication requests in order to access network services.

Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor," the improved sandbox system for iMessage data was disclosed by Samuel Groß, a Google Project Zero researcher tasked with studying zero-day vulnerabilities in hardware and software systems.

Like almost all operating systems, Windows 10 is vulnerable to security and privacy issues, and researchers have proved that Microsoft can track a lot of your activities to improve their products and enable personalized ads and promotions. Thankfully, Windows 10 allows us to improve the operating system's security and privacy using the built-in settings app.

Mission Secure, a provider of visibility and cybersecurity solutions for industrial environments, announced this week that it has closed a Series B financing round in the amount of $5.6 million. The company raised its first outside funding through a seed round in late 2014, and has consistently added funding over the years, with the total amount raised by the company now at $22.5 million.

"Serious" vulnerability found in Libgcrypt, GnuPG's cryptographic library: Libgcrypt 1.9.0, the newest version of a cryptographic library integrated in the GNU Privacy Guard free encryption software, has a "Severe" security vulnerability and should not be used, warned Werner Koch.

Sudo vulnerability allows attackers to gain root privileges on Linux systems: A vulnerability in sudo, a powerful and near-ubiquitous open-source utility used on major Linux and Unix-like operating systems, could allow any unprivileged local user to gain root privileges on a vulnerable host.

Bug hunter Tavis Ormandy of Google's Project Zero just discovered a dangerous bug in the GNU Privacy Guard team's libgcrypt encryption software. The libgcrypt library is an open-source toolkit that anyone can use, but it's probably best known as the encryption library used by the GNU Privacy Guard team's own widely deployed GnuPG software.

A malicious Home Depot advertising campaign is redirecting Google search visitors to tech support scams. Malicious Google search ads are nothing new, with campaigns for Amazon Prime, PayPal, and eBay seen in the past.

UK Research and Innovation (UKRI) is dealing with a ransomware incident that encrypted data and impacted two of its services: one offering information to subscribers, and the platform for peer review of various parts of the agency. UKRI is a public body of the Government of the United Kingdom, tasked with investing in science and research.