Security News > 2021 > May

A recent Windows 10 1909 cumulative update prevents Microsoft 365 desktop users from logging into Microsoft Teams, Microsoft Outlook, and Microsoft OneDrive for Business. This issue is caused by the Windows 10 1909 KB5003169 cumulative update released last week as part of the May 2021 Patch Tuesday updates.

You've probably assumed, or at least hoped, when you've handed over data during the pandemic "For the greater good of all", that the company collecting it would treat it with more than the usual amount of care. The ICO noted that immediately below the abovementioned consent checkbox was wording that said, "To comply with Government Guidance during the Covid-19 pandemic, we are collecting your name and contact details. We will store these for 21 days only before deleting them in line with GDPR regulations. Your details will not be shared with any other company or organisation."

SSH keys can be used in Linux or operating systems that support OpenSSH to facilitate access to other hosts without having to enter a password. Here's where secure shell, or SSH, keys come in handy to facilitate access.

Microsoft is finally retiring Internet Explorer 11 from some Windows 10 versions and replacing it with the Chromium-based Microsoft Edge. "Microsoft Edge has Internet Explorer mode built in, so you can access those legacy Internet Explorer-based websites and applications straight from Microsoft Edge," said Sean Lyndersay, Microsoft Edge Partner Group Program Manager.

The Qlocker ransomware gang has shut down their operation after earning $350,000 in a month by exploiting vulnerabilities in QNAP NAS devices. As a possible sign of their impending shutdown, the Qlocker Tor sites began displaying a message stating that "This site will be closed soon."

Colonial Pipeline chief executive Joseph Blount has confirmed the company shelled out $4.4 million to purchase a decryption key to recover from the disruptive ransomware attack that caused gasoline shortages in parts of the U.S. A Wall Street Journal report said Colonial Pipeline made the $4.4 million payment on the evening of May 7 in the form of bitcoin. "Colonial Pipeline is critical to the economic and national security of our nation," a company spokesperson told SecurityWeek.

A recently developed botnet named "Simps" has emerged from the cyber-underground to carry out distributed denial-of-service attacks on gaming targets and others, using internet of things nodes. According to the Uptycs' threat research team, Simps was first seen in April being dropped on IoT devices by the Gafgyt botnet.

According to info provided by Google's Project Zero team, four Android security vulnerabilities were exploited in the wild as zero-day bugs before being patched earlier this month. Attacks attempting to exploit these flaws were targeted and impacted a limited number of users based on information shared after this month's Android security updates were published.

At the first-ever virtual Google I/O, Alphabet Chief Executive Officer Sundar Pichai talked about news on Workspace, quantum computing and privacy needs. The keynote for Google I/O was live streamed from Google's headquarters in Mountain View, California on Tuesday, and Google executives touched on everything from new collaboration features in Workspace, to quantum computing, to improved privacy controls.

Neal Dennis: There's a lot of good things out there that are kind of one-offs, or staging one-offs, when the campaigns in the cyberwar kick off. You're kind of out in front of the threats as a community.