Aliens and UFOs: A Final Frontier for Social Engineers
2021-01-11 22:21

"My general rule is that if it makes people a little crazy then it's a candidate for a phishing scheme," Tom Pendergast, chief learning officer at MediaPro, told Threatpost. "Since these documents being released is a legitimate piece of news, it increases the likelihood of a successful phishing attack," Schless said.

Millions of Social Profiles Leaked by Chinese Data-Scrapers
2021-01-11 21:54

The affected server, hosted by Tencent, was segmented into indices in order to store data obtained from each social-media source, which allowed researchers to look into the data further. "Our research team was able to determine that the entirety of the leaked data was 'scraped' from social-media platforms, which is both unethical and a violation of Facebook's, Instagram's and LinkedIn's terms of service," researchers said, in a Monday blog post.

Intel adds hardware-based ransomware detection to 11th gen CPUs
2021-01-11 21:43

Intel announced today at CES 2021 that they have added hardware-based ransomware detection to their newly announced 11th generation Core vPro business-class processors. These hardware-based detections are accomplished using Intel Threat Detection Technology and Hardware Shield that run directly on the CPU underneath the operating system and firmware layers.

Ubiquiti: Change Your Password, Enable 2FA
2021-01-11 21:33

Ubiquiti, a major vendor of cloud-enabled Internet of Things devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear.

Researcher Builds Parler Archive Amid Amazon Suspension
2021-01-11 20:54

These posts reportedly included Parler video URLs made up of raw video files with associated embedded metadata - and precise GPS coordinates of where the videos were taken, sparking privacy concerns about the service's data collection. Amazon reportedly informed Parler it was removing it from its web hosting service on Sunday night, essentially stripping it of the infrastructure it relies on to operate.

Researchers Find Links Between Sunburst and Russian Kazuar Malware
2021-01-11 20:36

Kaspersky's latest analysis of the Sunburst backdoor has revealed a number of shared features between the malware and Kazuar, leading the researchers to suspect that -. The groups behind Kazuar and Sunburst obtained the malware from a single source.

Decryptor Released for Ransomware That Allegedly Helped Cybercriminals Make Millions
2021-01-11 18:47

Bitdefender on Monday announced the availability of a free tool that organizations can use to recover files encrypted by DarkSide, a piece of ransomware that cybercriminals claim helped them make millions. DarkSide operators have been making money not only by encrypting important files on compromised systems, but also by stealing valuable information to pressure victims into paying up.

Naked Security Live – HTTPS: do we REALLY need it?
2021-01-11 17:53

Here's our latest Naked Security Live talk, explaining why HTTPS is vital, even if you're publishing public data that isn't confidential. That's because HTTPS isn't just about the confidentiality of the data you browse to - it's also about improving your privacy in respect of what you chose to look at, when you looked at it, what you browsed to next, and so on.

SolarWinds Hack Potentially Linked to Turla APT
2021-01-11 17:53

New details on the Sunburst backdoor used in the sprawling SolarWinds supply-chain attack potentially link it to previously known activity by the Turla advanced persistent threat group. "After the Sunburst malware was first deployed in February 2020, Kazuar continued to evolve and later 2020 variants are even more similar, in some respects, to Sunburst," the firm noted in an analysis published on Monday.

Microsoft Sysmon now detects malware process tampering attempts
2021-01-11 17:29

Microsoft has released Sysmon 13 with a new security feature that detects if a process has been tampered with using process hollowing or process herpaderping techniques. Process hollowing is when malware launches a legitimate process in a suspended state and replaces legitimate code in the process with malicious code.