Security News > 2021 > January

A threat actor believed to be tied to the Lebanese government has compromised hundreds of servers belonging to organizations worldwide while maintaining a low profile, threat intelligence firm ClearSky reveals. Referred to as Lebanese Cedar or Volatile Cedar, the advanced persistent threat group has been active since 2012, but has operated under the radar since 2015, after its activity was detailed by cybersecurity companies.

Threat intelligence platform provider HackNotice has analyzed more than 60,000 breach reports over the last three years and found some disturbing results, including the rate of increase in breaches and a relative decline in the number of official breach notifications. Leak reports containing data from a breached company as disclosed by hackers.

Microsoft has attributed a recently discovered campaign to target security researchers with custom malware through elaborate socially-engineered attacks to an APT group affiliated with North Korea-linked Lazarus Group. Given Microsoft's connection to the attacks, researchers from the Microsoft 365 Defender Threat Intelligence Team revealed Thursday in a blog post what they have seen of the campaign.

Cybercriminals shifted away from stealing individual consumers' information in 2020 to focus on bigger, more profitable attacks on businesses, according to a report from the Identity Theft Resource Center. Ransomware and phishing attacks are now the preferred form of data theft because they require less effort and generate bigger payouts.

It's not easy to justify cybersecurity spending based on financial gains. One of the toughest jobs that cybersecurity professionals face is convincing C-suite executives that there is an actual return on investment from cybersecurity spending.

European encrypted services providers ProtonMail, Threema, Tresorit and Tutanota on Thursday urged European Union policy makers to rethink plans that would require the implementation of encryption backdoors. The Council of the European Union in December adopted a resolution on "Security through encryption and security despite encryption." The council said it supports the development and use of strong encryption to protect citizens and organizations, but at the same time it believes law enforcement and judicial authorities need to be able to exercise their legal powers.

Libgcrypt 1.9.0, the newest version of a cryptographic library integrated in the GNU Privacy Guard free encryption software, has a "Severe" security vulnerability and should not be used, warned Werner Koch. Libgcrypt is a general-purpose cryptographic library used by GnuPG, but some other encryption software also employs it.

A vulnerability in the Windows Installer component, which Microsoft attempted to fix several times to no avail, today received a micropatch to deny hackers the option of gaining the highest privileges on a compromised system. Windows 10 v20H2, 32/64bit, updated with January 2021 updates.

Primarily, the report highlights a rise in ransom-related DDoS attacks, by which extortion demands are issued against organizations. While RDDoS is not a new phenomenon for many online industries, attackers have recently set their sights on organizations across a wider variety of sectors including financial services, government and telecommunications.

Cisco published a study which found enhanced importance of privacy protections during the pandemic and increasing benefits for businesses that adopt strong privacy measures. The survey analyzed the responses of 4,400 security and privacy professionals across 25 countries and explored attitudes towards privacy legislation and the emergence of privacy metrics being reported to executive management.