Security News > 2021 > January
Security updates released this week by the developers of the Drupal content management system patch a vulnerability identified in a third-party library. Core patches were made available for Drupal 9.1, 9.0, 8.9, and 7 to resolve a security flaw affecting PEAR Archive Tar that also impacts Drupal.
Now it appears DDoS-Guard is about to be relieved of more than two-thirds of the Internet address space the company leases to clients - including the Internet addresses currently occupied by Parler. Much like Internet infrastructure firm CloudFlare, DDoS-Guard typically doesn't host sites directly but instead acts as a go-between to simultaneously keep the real Internet addresses of its clients confidential and to protect them from crippling Distributed Denial-of-Service attacks.
Multi-cloud network security platform provider Valtix on Thursday announced that it raised $12.5 million in strategic funding. Founded in 2018 and launched in 2019 with $14 million in funding, the Santa Clara, California-based company provides enterprise customers with a cloud-native network security service that can help protect both applications and services.
Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security. In its latest report on the SolarWinds attack, which it tracks as Solorigate, Microsoft explains how the attackers got from the Sunburst malware to the Cobalt Strike loaders, and how they kept the components separated as much as possible to avoid being detected.
This use of Google Forms by cybercriminals is not new and is routinely observed in credential phishing campaigns to bypass email security content filters. In this attack, the use of Google Forms may also prompt an ongoing dialogue between the email recipient and the attacker - setting them up as a victim for a future BEC trap, researchers say.
Asset and wealth management companies play an important role in handling finances and investments for different clients throughout the world. A report released Thursday by digital risk company Digital Shadows examines why and how AWM companies are vulnerable to cyberattack and how they can defend themselves.
Windows Remote Desktop Protocol servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service attacks. The Microsoft RDP service is a built-in Windows service running on TCP/3389 and/or UDP/3389 that enables authenticated remote virtual desktop infrastructure access to Windows servers and workstations.
Cisco this week released patches to address a significant number of vulnerabilities across its product portfolio, including several critical flaws in SD-WAN products, DNA Center, and Smart Software Manager Satellite. Several command injection bugs addressed in SD-WAN products could allow an attacker to perform actions as root on the affected devices, the most important of which is rated critical severity, featuring a CVSS score of 9.9.
Attackers behind a recently discovered phishing campaign have unintentionally left more than 1,000 stolen credentials available online via simple Google searches, researchers have found. While this in and of itself is not atypical of phishing campaigns, attackers made a "simple mistake in their attack chain" that left the credentials they'd stolen exposed to the "public Internet, across dozens of drop-zone servers used by the attackers," researchers said.