
QNAP Says Recently Patched Flaw Exploited in Qlocker Ransomware Attacks
2021-05-24 17:32

Taiwanese network-attached storage appliance manufacturer QNAP Systems has revealed that a vulnerability in its Hybrid Backup Sync software has been exploited in Qlocker ransomware attacks. Last month, the maker of NAS devices and professional network video recorder solutions warned of QNAP NAS devices being targeted by two ransomware families known as Qlocker and eCh0raix, advising users to download and install its Malware Remover tool to identify infections.

Icarus moment: Mozilla Thunderbird was saving OpenPGP keys in plaintext after encryption snafu
2021-05-24 17:15

Mozilla Thunderbird spent the last couple of months saving some users' OpenPGP keys in plain text - but that's now been patched, the author of both the bug and the patch fixing it has told The Register. The vulnerability, assessed as "Low" impact by Mozilla, existed in the free open source Thunderbird email client between version 78.8.1 and version 78.10.1 after a crestfallen maintainer realised carefully designed protections were in fact not protecting users' private OpenPGP keys.

Employers are watching remote workers and they're monitoring these activities
2021-05-24 16:48

"Employee monitoring has always been an important privacy issue, but the pandemic has ushered in a new era of heightened surveillance that is incredibly concerning. In addition to fracturing the level of trust between an employee and an employer, it can make the workplace a hostile environment for workers and puts us one dangerous step closer towards the normalization of surveillance," said Harold Li, vice president of ExpressVPN, in a press release. About six in 10 employers said they don't trust their employees to work "without in-person supervision" and a similar number reported the same sentiment about employees working "without digital supervision." The vast majority of bosses and/or executives said they use software to "track employee performance and/or online activity" and more than half have incorporated these technologies in the last six months, according to ExpressVPN.

FBI Analyst Indicted for Theft of Osama bin Laden Threat Intel
2021-05-24 16:23

An FBI analyst with top-secret security clearance illegally squirreled away national-security documents related to Osama bin Laden, al-Qaeda, cybersecurity and more in her home for years, the feds say. Kendra Kingsbury, who was working in the FBI's Kansas City Division until being put on leave in December 2017, has been indicted by a federal grand jury for allegedly routinely removing numerous documents from their safekeeping at the office between June 2004 and Dec. 15, 2017.

How to disable the Linux login banner
2021-05-24 16:01

Looking to eke out as much security as you can from your Linux servers? Jack Wallen shows you how you can limit the information would-be ne'er-do-wells get by disabling the login banner. When you log in to Linux, either by way of SSH or the console, you are greeted with a banner that offers up a few important bits of information.

Indonesian govt blocks access to RaidForums hacking forum after data leak
2021-05-24 15:21

The Indonesian government is blocking access to the RaidForums hacking forum after the alleged personal information of Indonesian citizens was posted online. While the Indonesian government has not confirmed if the data is legitimate, they have performed a random investigation of 1 million records and believe a more thorough investigation needs to be conducted by the government's information technology and cybersecurity agencies.

FBI: 16 Conti Ransomware Attacks Targeted Healthcare, First Responders in U.S.
2021-05-24 14:40

The FBI says it has observed 16 Conti ransomware attacks that targeted healthcare and first responder networks in the United States over the past year. First detailed in July 2020, Conti has grown to become a major threat, with more than 400 organizations worldwide being hit by the ransomware to date.

FBI warns of Conti ransomware attacks against healthcare organizations
2021-05-24 14:17

The attacks have targeted US healthcare and first responder networks with ransom demands as high as $25 million, says the FBI. Healthcare and first responder networks should be on guard for a continuing series of ransomware attacks uncovered by the FBI. In an alert published last Thursday, the agency said that it found at least 16 Conti ransomware attacks against law enforcement agencies, emergency medical services, 911 dispatch centers and municipalities within the past year. Conti attacks typically steal network access through malicious email links and attachments or hijacked Remote Desktop Protocol credentials.

Needle in the Haystack: The Inside Story of the Microsoft Exchange Hack
2021-05-24 14:14

In early March, Microsoft shocked businesses around the world when it issued a warning that Chinese cyber-espionage operators were chaining multiple zero-day exploits to siphon e-mail data from Microsoft Exchange servers around the world. In this exclusive session at SecurityWeek's Threat Intelligence Summit, Josh Grunzweig, Threat Intelligence Analyst at Volexity, the firm credited with discovering the original attack, will detail the original discovery of the Microsoft Exchange zero-day vulnerabilities that were exploited by targeted attackers in early 2021.

Ongoing Bitcoin Scams Demonstrate Power of Social Engineering Triggers
2021-05-24 14:09

Bitcoin scams have soared over the last seven months. The surge started around October 2020, and the scams are continuing today.