Security News > 2021 > May

The number of reported cases of possible attack is sharply growing and lawmakers from both parties, as well as those believed to be affected, are demanding answers. Chris Miller, the acting defense secretary during the last months of the Trump administration, created a Pentagon team to investigate the suspected attacks.

Cybersecurity researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be abused by an adversary to hijack the infrastructure without any operator intervention. Put differently; the attack scenario works by targeting a Nagios XI server at the customer site, using CVE-2020-28648 and CVE-2020-28910 to gain RCE and elevate privileges to "Root." With the server now effectively compromised, the adversary can then send tainted data to the upstream Nagios Fusion server that's used to provide centralized infrastructure-wide visibility by periodically polling the Nagios XI servers.

Microsoft has now shifted its focus to the Windows 10 Sun Valley Update that will ditch sharp corners for rounded corners, Windows 95 icons for Fluent icons, and enable a new Start menu experience. The company also confirmed that Windows 10X features would be coming to Windows 10 with the Sun Valley and other upcoming features updates.

Google has released a minor Google Chrome update that fixes the worldwide browser crashes occurring since Thursday on Windows 10 and Linux. On Thursday, many Windows 10 users suddenly found that Google Chrome extensions and tabs were crashing, as shown in the image below.

The Microsoft Exchange admin portal is currently inaccessible from some browsers after Microsoft forgot to renew the SSL certificate for the website. Starting at 8 AM EST today, Microsoft Exchange admins who attempted to access the admin portal at admin.

The UK data regulator has fined American Express £90,000 for sending over 4 million spam emails to customers within one year. "During the investigation the ICO found that Amex had sent over 50 million, of what it classed as, servicing emails to its customers," the UK Information Commissioner's Office said.

Personal data of an unspecified number of travelers has been compromised after a company that serves India's national carrier was hacked, Air India said. The hackers were able to access 10 years' worth of data including names, passport and credit card details from the Atlanta-based SITA Passenger Service System, Air India said in a statement Friday.

To help organizations protect against ransomware attacks and recover from them if they happen, NIST has published an infographic offering a series of simple tips and tactics. Collaboration between network access brokers and ransomware actors deepensIn this Help Net Security podcast, Brandon Hoffman, CISO at Intel 471, discusses about the increased collaboration between network access brokers and ransomware operators, and how they funcion it today's threat landscape.

U.S. insurance giant CNA Financial reportedly paid $40 million to a ransomware gang to recover access to its systems following an attack in March, making it one the most expensive ransoms paid to date. CNA Financial's $40 million ransom only shows that 2021 continues to be a great year for ransomware, potentially emboldening cybercriminal gangs to seek bigger payouts and advance their illicit aims.

India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System provider SITA fell victim to a cyber attack earlier this year. The breach involves personal data registered between Aug. 26, 2011 and Feb. 3, 2021, including details such as names, dates of birth, contact information, passport information, ticket information, Star Alliance, and Air India frequent flyer data as well as credit card data.