Security News > 2021 > April

Cisco this week released patches for multiple vulnerabilities in Firepower Threat Defense software, including high-severity issues that could be exploited for arbitrary command execution or denial-of-service attacks. An attacker able to abuse the command execution flaw may execute arbitrary commands as root on the underlying OS. The flaw exists because user-supplied command arguments aren't sufficiently validated, and affects Firepower 4100 and Firepower 9300 series appliances.

The Institute for Security and Technology's Ransomware Task Force on Thursday published an 81-page report presenting policy makers with 48 recommendations to disrupt the ransomware business and mitigate the effect of such attacks. The report, provided in advance of publication to The Register and due to appear here, attempts to provide guidance for dealing with the alarmingly popular scourge of ransomware, which generally involves miscreants who obtain access to poorly secured systems and steal or encrypt system data, thereafter offering to restore it or keep quiet about the whole thing in exchange for a substantial payment.

A previously undocumented Linux malware with backdoor capabilities has managed to stay under the radar for about three years, allowing the threat actor behind the operation to harvest and exfiltrate sensitive information from infected systems. Dubbed "RotaJakiro" by researchers from Qihoo 360 NETLAB, the backdoor targets Linux X64 machines, and is so named after the fact that "the family uses rotate encryption and behaves differently for root/non-root accounts when executing."

Bad actors with suspected ties to China have been behind a wide-ranging cyberespionage campaign targeting military organizations in Southeast Asia for nearly two years, according to new research. Attributing the attacks to a threat actor dubbed "Naikon APT," cybersecurity firm Bitdefender laid out the ever-changing tactics, techniques, and procedures adopted by the group, including weaving new backdoors named "Nebulae" and "RainyDay" into their data-stealing missions.

The maintainers of Composer, a package manager for PHP, have shipped an update to address a critical vulnerability that could have allowed an attacker to execute arbitrary commands and "backdoor every PHP package," resulting in a supply-chain attack. "Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders," Composer said in its release notes for versions 2.0.13 and 1.10.22 published on Wednesday.

SANS has developed the SANS Foundations: Computers, Technology, and Security Course. If you're at the threshold of your cybersec career, be assured that the course has been designed for those with "zero technical and security knowledge" with the aim of giving them "sufficient theoretical understanding and applied practical skills that will enable students to speak the same language as industry professionals".

The vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cyber criminal. The data may be published before a victim can respond to an extortion attempt, and the threat actors may not provide complete records of what was taken even if the victim pays up.

Pentesting can fortify organizations' general security posture, full stop, and is a critical measure for organizations to put in place proactively to prevent security breaches. There are misconceptions about the role of pentesting and what companies and security programs it is best for.

Digital Ocean on Wednesday said someone was able to snoop on some of its cloud subscribers' billing information via a now-patched vulnerability. In an email to affected customers seen by The Register - and full disclosure, your Register vulture is a customer - the rent-a-server biz said that two days ago it confirmed a miscreant had gained unauthorized access to some people's account records.

released a study which provides insights on how to successfully staff up a balanced and diverse cybersecurity team with a broad range of skills. The research reflects the opinions of 2,034 cybersecurity professionals and cybersecurity jobseekers throughout the US and Canada.