Security News > 2021 > April

Microsoft has added AAC support for Bluetooth audio devices to the latest Windows 10 build released for Insiders in the Dev Channel. AAC is a lossy audio codec used by Apple devices and audio streaming platforms to provide high-quality audio streaming at low bitrates.

Researchers at Cybereason say they have discovered an undocumented malware targeting the Russian military sector and bearing the hallmarks of originating in China if not being Chinese state sponsored. One sample was found dropping previously unknown malware, that the Cybereason researchers have now called PortDoor.

A task force attached to the Institute for Security and Technology has released set of recommendations to combat the ransomware scourge currently hitting organizations around the world. A total of 48 recommendations are included in the document, focused on four major goals: to deter ransomware attacks and disrupt this business model, and to help organizations better prepare for attacks and efficiently respond to them.

The past four months have exposed two high-profile attacks, which both had pundits declaring them the "Worst-ever" and "Unprecedented." They shared other similarities - both attacked businesses rather than individuals, and affected tens of thousands of organizations. The second hack was against Microsoft Exchange servers and had a more familiar trajectory: Attackers found a series of zero-day vulnerabilities that could be chained together to break into any Exchange servers that were internet-accessible - and steal all the emails and files stored on them.

In a move akin to calling the fire brigade after your house has burned down, the UK government today announced the passage of a bill that would afford it powers to intervene in potentially hostile direct investment. The National Security and Investment Bill, which was introduced last November and has since received royal assent, gives the government powers to scrutinise, alter, and block transactions where there is a risk to national security.

Microsoft released PowerToys v0.37.0 yesterday with minor improvements and a significant change - it now requires a minimum version of Windows 10 1903. For those unfamiliar with Microsoft PowerToys, they are a set of small freeware utilities created by Windows developers to add extra functionality to Windows 10 or solve everyday tasks.

Cryptocurrency trading platform Hotbit has shut down all services for at least a week after a cyberattack that down several of its services on Thursday evening. Hotbit assured its roughly 2 million registered users from over 210 countries that their cryptocurrency assets were "Safe and secure."

The account information for almost 22 million ParkMobile customers is now in the hands of hackers and scammers after the data was released for free on a hacking forum. On March 26th, 2021, ParkMobile issued a security notification on their website stating that one of their services was hacked and unauthorized people gained access to customer data.

British AI-powered security startup Darktrace has enjoyed a bumper IPO Friday as its shares climbed 40 per cent on its London Stock Exchange debut. Raising £165m for the Cambridge-based cyber-security company and its backers, the IPO offered an opening value of £1.7bn. Darktrace says its "Enterprise immune systems" are designed to use machine learning to identify and respond to threats and incidents across cloud, IoT, virtualized networks, and industrial control systems.

Workers at Atlanta-based Insight Global "Disregarded security protocols established in the contract and created unauthorized documents" outside the state's secure data system, Health Department spokesman Barry Ciccocioppo said. About 900 Insight Global employees have been involved in contact tracing in the state, according to the Health Department.