Security News > 2021 > May

A new ransomware operation known as Lorenz targets organizations worldwide with customized attacks demanding hundreds of thousands of dollars in ransoms. The Lorenz ransomware gang began operating last month and has since amassed a growing list of victims whose stolen data has been published on a ransomware data leak site.

Leading US-based insurance company CNA Financial has fully restored systems following a Phoenix CryptoLocker ransomware attack that disrupted its online services and business operations during late March. CNA provides a wide range of insurance products, including cyber insurance policies, and is the sixth-largest commercial insurance company in the US according to stats provided by the Insurance Information Institute.

Physical security keys introduce a new twist to 2FA. Instead of using a code delivered to your phone, the hardware-based key is a dongle you insert into your company laptop or other registered access device. The private key remains on the device, while the public key is sent to the site with which it is registered.

President Joe Biden signed an Executive Order Wednesday designed to better protect the federal government's networks from cyberattacks, following the attack this week on the Colonial Pipeline. The goal of the EO is to modernize cybersecurity defenses by protecting federal networks and improving information-sharing between the government and private entities on cyber matters.

Citrix this week announced that it has patched a local privilege escalation vulnerability in the Citrix Workspace app for Windows. All supported versions of Citrix Workspace app for Windows are affected by the security hole.

A cyberattack campaign that goes after aviation targets has been uncovered, which is spreading remote access trojan malware bent on cyber-espionage. Once installed, the RATs connect to a command-and-control server that's hosted on a dynamic hosting site to register with the attackers.

The annual bible of security breaches landed on Thursday with confirmation of more bad news: ransomware attacks continue to explode as organizations struggle with securing web apps, cloud deployments and employees victimized by social engineering. The data, contained in the new Verizon 2021 Data Breach Investigations Report, shows that data-encrypting ransomware attacks appear in about 10 percent of breaches, more than double the frequency from last year.

President Biden signed an executive order to improve government cybersecurity, setting new security standards for software sold to the federal government. For the first time, the United States will require all software purchased by the federal government to meet, within six months, a series of new cybersecurity standards.

Cisco has fixed a six-month-old zero-day vulnerability found in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. The company's AnyConnect Secure Mobility Client allows working on corporate devices connected to a secure Virtual Private Network through Secure Sockets Layer and IPsec IKEv2 using VPN clients available for all major desktop and mobile platforms.

Apple's "Find My device" function for helping people track their iOS and macOS devices can be exploited to transfer data to and from random passing devices without using the internet, a security researcher has demonstrated. Security researcher Fabian Bräunlein with Positive Security developed a proof of concept, using a microcontroller and a custom MacOS app, that can broadcast data from one device to another via Bluetooth Low Energy.