Security News > 2021 > January

A recent slew of related ransomware attacks on top videogame companies has been associated with the notorious Chinese-linked APT27 threat group, suggesting that the advanced persistent threat is swapping up its historically espionage centralized tactics to adopt ransomware, a new report says. Researchers noticed the "Strong links" to APT27 when they were brought in as part of incident response for ransomware activity that affected several major gaming companies globally last year as part of a supply-chain attack.

Implementing the measures in NSA's guidance eliminates the false sense of security provided by obsolete encryption protocols by helping block insecure TLS versions, cipher suites, and key exchange methods to properly encrypt network traffic. Updating TLS configurations will provide government and enterprise organizations with stronger encryption and authentication to help them build a better defense against malicious actors' attacks and protect important information.

These applications, which were promoted on cryptocurrency and blockchain-related forums such as bitcointalk​ and ​SteemCoinPan​, relate directly to cryptocurrency. They purport to be "​Jamm​" and "​eTrade," which are cryptocurrency trade management applications, and "​DaoPoker,​" a cryptocurrency poker app.

Google this week announced the January 2021 security updates for Android devices, which address 42 vulnerabilities, including four rated critical severity. Addressed as part of the 2021-01-01 security patch level and tracked as CVE-2021-0316, the most important of these flaws is a critical security bug in System that could be exploited to achieve code execution remotely.

HTTPS, as you probably know, stands for secure HTTP, and it's a cryptographic process - a cybersecurity dance, if you like - that your browser performs with a web server when it connects, improving privacy and security by agreeing to encrypt the data that goes back and forth. Why is HTTP still the default choice of your browser if you type an URL into the address bar and don't explicitly put https:// at the start?

It's a new year, and with it comes a new ransomware called Babuk Locker that targets corporate victims in human-operated attacks. Babuk Locker is a new ransomware operation that launched at the beginning of 2021 and has since amassed a small list of victims from around the world.

Security researchers have observed the first attempts to compromise Zyxel devices using a recently disclosed vulnerability related to the existence of hardcoded credentials. The attacks, currently small in numbers, target CVE-2020-29583, a vulnerability affecting several Zyxel firewalls and WLAN controllers that was publicly disclosed at the end of December.

Data from a breach that occurred five months ago involving Juspay, which handles payments for Amazon and other online retailers in India, has been dumped online, a researcher has found. Security researcher Rajshekhar Rajaharia discovered data of 35 million Indian credit-card holders from a breach of a Juspay server that occurred on Aug. 18, he revealed on Twitter.

Microsoft has released the January 2021 non-security Microsoft Office updates with fixes for known issues impacting Windows Installer editions of Office 2016 products. Microsoft has also released non-security updates in Current Channel releases for Microsoft 365 Apps to address Excel crashes and Outlook hangs.

The New York Times has an in-depth article on the latest information about the SolarWinds hack. Initial estimates were that Russia sent its probes only into a few dozen of the 18,000 government and private networks they gained access to when they inserted code into network management software made by a Texas company named SolarWinds.