Security News > 2021 > February

Microsoft announced that Defender for Endpoint will now also help admins discover OS and software vulnerabilities affecting macOS devices on their organization's network. "This capability expansion enables organizations to discover, prioritize, and remediate both software and operating system vulnerabilities on devices running macOS," Microsoft Senior Product Manager Tomer Reisner said.

Embedded system software provider Wind River Systems has started informing employees of a data breach that resulted in their personal information being stolen by a third party. Its product portfolio includes the Wind River Linux operating system and the VxWorks real-time operating system.

Hundreds of investors were bilked out of $11 million in a cryptocurrency scam run by John DeMarr, who advised them to invest in the fake cryptocurrency "Bitcoiin," took their money and spent it on a Porsche, jewelry and upgrades to his home, a criminal complaint from the Department of Justice alleges. Actor Steven Seagal was hired to promote the company, also known as "Bitcoiin2Gen" or "B2G," and was ordered last year by the Securities and Exchange Commission to pay a $157,000 penalty, without admitting to any crimes.

ValidCC, a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. There are dozens of online shops that sell so-called "Card not present" payment card data stolen from e-commerce stores, but most source the data from other criminals.

The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim's computer. Trickbot uses the network scanner module to map the victims' networks and send home information on any devices with open ports.

ESET identified Kobalos victims by scanning for connections to SSH servers that use a specific TCP source port known to be abused by the malware. Kobalos is also likely using stolen credentials: ESET observed that on systems compromised by Kobalos, any SSH client in use has its credentials stolen by a second-stage malware.

Two web skimmers have been discovered on the payment webpages of Costway, one of the top retailers in North America and Europe, which sells appliances, furniture and more. The skimmers are targeting consumers' credit-card payment details.

The 25+ year gap between IT and Operational Technology (OT) security means that OT networks have few, if any, modern security controls in place: many of these Industrial Control Systems are legacy assets that were not designed with security in mind and were isolated until digital transformation came along. With asset visibility to identify vulnerabilities and suspicious behavior, continuous threat monitoring to detect and track threats that cross the IT/OT boundary, and secure remote access solutions with strict controls over sessions, we can jumpstart the process of closing the IT/OT security gap.

A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. Credit card skimmers are JavaScript scripts that cybercrime groups known as Magecart groups inject into hacked e-commerce sites as part of web skimming attacks.

Apple has pulled iCloud 12 for Windows 10 from the Microsoft Store over what are believed to be issues with its new Chrome iCloud Keychain password synchronization feature. On January 26th, Apple released iCloud 12 with a new 'Passwords' feature that, when enabled, prompts users to install an 'iCloud Passwords' extension to synchronize and automatically fill in passwords saved in the iCloud Keychain.