Security News > 2021 > January

An attack method discovered in 2017 for defeating the audio version of Google's reCAPTCHA system using speech-to-text services has once again been resurrected. A team of researchers from the University of Maryland showed in 2017 that online speech-to-text services could be used to automatically solve reCAPTCHA v2 audio challenges with a high degree of accuracy.

Metro Vancouver's transportation agency TransLink has confirmed that the Egregor ransomware operators who breached its network at the beginning of December 2020 also accessed and potentially stole employees' banking and social security information. TransLink announced on December 1, 2020, that the transportation network was experiencing issues with their computing systems following a cyberattack.

Accused hacker and WikiLeaks founder Julian Assange should not be extradited to the US to stand trial, Westminster Magistrates' Court has ruled. District Judge Vanessa Baraitser told Assange this morning that there was no legal obstacle to his being sent to the US, where he faces multiple criminal charges under America's Espionage Act and Computer Fraud and Abuse Act over his WikiLeaks website.

We say, "Well, let's take a look at what you're doing right now and see if we can offer a comparable level of security." So they tell us about the setup of their data centers. We say, "Oh my! It seems like we have level five security and your data center has level three security. Are you really comfortable staying where you are?" The customer figures, not only am I going to save money by going with AWS, I also just became aware that I'm not nearly as secure as I thought.

Citrix has released a feature enhancement designed to block attackers from using the Datagram Transport Layer Security feature of Citrix ADC and Gateway devices as an amplification vector in DDoS attacks. According to reports that have surfaced starting with December 21st, 2020, a DDOS attack used DTLS to amplify traffic from susceptible Citrix ADC devices dozens of times.

An untrusted deserialization vulnerability has been disclosed this week in how Zend Framework can be exploited by attackers to achieve remote code execution on vulnerable PHP sites. "Zend Framework 3.0.0 has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the ZendHttpResponseStream class in Stream.php," states MITRE's advisory for CVE-2021-3007.

1/4/. As everyone gets back to work after the New Year holiday, Slack brings in 2021 with a massive outage affecting users worldwide. Starting at approximately 10 AM EST, Slack suffered an outage where users cannot connect, messages cannot be sent and received, and channel history cannot be retrieved.

Security researchers investigating a set of ransomware incidents at multiple companies discovered malware indicating that the attacks may be the work of a hacker group believed to operate on behalf of China. Although the attacks lack the sophistication normally seen with advanced threat actors, there is strong evidence linking them to APT27, a group normally involved in cyber espionage campaigns, also known as TG-3390, Emissary Panda, BRONZE UNION, Iron Tiger, and LuckyMouse.

Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded, undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking devices. The flaw, tracked as CVE-2020-29583, affects version 4.60 present in a wide-range of Zyxel devices, including Unified Security Gateway, USG FLEX, ATP, and VPN firewall products.

On New Year's Eve, SolarWinds confirmed that it has identified malware that exploited the flaws introduced to Orion products. We already knew about "SUNBURST", the attack that poisoned Orion.