S3 Ep25: Drained accounts, ransomware attacks and Linux badware [Podcast]
How a social engineer ripped off a victim lured in by one of those "Small outstanding fee to pay" home delivery scams. The ransomware crooks targeting networks that still haven't done their Hafnium patches.

SolarWinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that could be exploited for remote code execution attacks. The patches were pushed out Thursday as part of a minor security makeover of the Orion Platform, the same compromised SolarWinds product that was exploited in recent nation-state software supply chain attacks.

Facebook has taken on a group of hackers in China that target the Uyghur ethnic group with cyberespionage activity. The hacking group, known as Earth Empusa or Evil Eye, was targeting activists, dissidents and journalists involved in the Uyghur community, primarily those living abroad in Australia, Canada, Kazakhstan, Syria, Turkey and the United States, among other countries, by using fake Facebook accounts for fictitious people sympathetic to the Uyghur community.

Insurance giant CNA has suffered a ransomware attack using a new variant called Phoenix CryptoLocker that is possibly linked to the Evil Corp hacking group. "On March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack. The attack caused a network disruption and impacted certain CNA systems, including corporate email," CNA disclosed in a statement.

A security vendor that built an NGFW platform may have had a top-notch firewall to use as an anchor solution, but then filled in the security roster with a second-rate IPS or web filtering solution. Each new network environment now comes with its unique requirements and challenges, and as a result, security solutions have begun to pop up like mushrooms across the network.

Hades ransomware has been linked to the Evil Corp cybercrime gang, which uses it to evade sanctions imposed by the Treasury Department's Office of Foreign Assets Control. They later shifted to the ransomware "business," first using Locky ransomware and then their own ransomware strain known as BitPaymer, deployed in attacks until 2019.

Manufacturing is particularly vulnerable to attacks through these apps, with 70 percent of applications having at least one serious vulnerability open over the previous 12 months, researchers found. That's according to a report from app-security firm WhiteHat Security, "AppSec Stats Flash Volume 3," which outlines how the increased prevalence of applications that are exposed to the internet through web, mobile and API-based interfaces has increased the attack surface and thus the security risk for organizations and their supply chains across the board.

The U.S. Cyber Command conducted more than two dozen operations aimed at preventing interference in last November's presidential election, the general who leads the Pentagon's cyber force said Thursday. He said his command's operations were designed "to get ahead of foreign threats before they interfered with or influenced our elections in 2020."

In an era of keyless entry, connected cars and computerized everything, you'd think that car theft would be a thing of the past. Alas, as cars have gone more high-tech, so have car thieves.

Today, the OpenSSL project has issued an advisory for two high-severity vulnerabilities, CVE-2021-3449 and CVE-2021-3450, lurking in OpenSSL products. CVE-2021-3450: An improper Certificate Authority certificate validation vulnerability which impacts both the server and client instances.