Security News > 2021 > May

I focused on interface usability and design principles focused on the human layer of cybersecurity, zeroing in specifically on comparing real-time strategy video games to what we do every day in cybersecurity. Let's take the simple design principle of a traffic light and go back to the design principles of RTS video games.

Apple's brand new Mac has a security hole, right inside the processor itself! The vulnerability is baked into Apple Silicon chips, and cannot be fixed without a new silicon revision.

The U.S. Justice Department this week announced indictments against 22 individuals who allegedly purchased and used payment cards stolen from a national retail chain. Using point-of-sale malware installed at multiple retail locations of the target company, threat actors stole information of over three million payment cards, including credit, debit, and gift cards used at over 400 of the company's retail stores.

Canada Post has informed 44 of its large commercial customers that a ransomware attack on a third-party service provider exposed shipping information for their customers. Yesterday, Canada Post disclosed that a third-party supplier named Commport Communications suffered a ransomware attack where threat actors accessed data stored in their systems.

The Federal Bureau of Investigation says state-sponsored attackers breached the webserver of a U.S. municipal government after hacking a Fortinet appliance. "As of at least May 2021, an APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a U.S. municipal government," the FBI's Cyber Division said in a TLP:WHITE flash alert published today.

Japan's Ministry of Foreign Affairs and Ministry of Land, Infrastructure, Transport and Tourism this week confirmed impact from a data breach at service provider Fujitsu Limited. Earlier this week, the Japanese multinational provider of IT services and products confirmed it suffered a cyberattack resulting in unauthorized access to ProjectWEB, a tool that allows organizations to share data within and outside their environments.

Security researchers found a new BazarCall email phishing campaign that manages to bypass automated threat detection systems to deliver the BazarLoader malware used by the TrickBot gang. BazarCall is a new phishing method in use since the beginning of the year that relies on call centers to direct users to downloading malware laced documents.

If you've started rolling out AlmaLinux to your data centers, you should enable 2FA for SSH authentication. One way to beef up the security of any Linux server is to enable two-factor authentication for SSH logins.

In the wake of the ransomware attack against Colonial Pipeline, the Department of Homeland Security has revealed new requirements aimed at all pipeline owners and operators in the U.S. Announced by DHS' Transportation Security Administration on Thursday, the security directives are designed to better detect and combat cyber threats against companies in the pipeline industry. First, owners and operators of critical pipeline facilities will have to report both confirmed and potential cybersecurity incidents to DHS' Cybersecurity and Infrastructure Security Agency.

A May 1 ransomware attack against California hospital chain Scripps Health continues to impact both the organization and its patients almost a month later. On Monday, Scripps Health published an FAQ with new details about the attack as well as directions for affected patients.