Security News > 2021 > May

The ransomware attack against Colonial Pipeline's networks has prompted the U.S. Federal Motor Carrier Safety Administration to issue a regional emergency declaration in 17 states and the District of Columbia. "Such [an] emergency is in response to the unanticipated shutdown of the Colonial pipeline system due to network issues that affect the supply of gasoline, diesel, jet fuel, and other refined petroleum products throughout the Affected States," the directive said.

Cybersecurity researchers on Monday disclosed a new Android trojan that hijacks users' credentials and SMS messages to facilitate fraudulent activities against banks in Spain, Germany, Italy, Belgium, and the Netherlands. Called "TeaBot", the malware is said to be in its early stages of development, with malicious attacks targeting financial apps commencing in late March 2021, followed by a rash of infections in the first week of May against Belgium and Netherlands banks.

It's the smallest monthly update from the computing giant since 2020, but it does contain a patch for a concerning wormable vulnerability found in the Windows OS. The good news is that none of the vulnerabilities are being actively exploited in the wild, according to Microsoft, though three are listed as publicly known. CVE-2021-26419: A scripting-engine memory corruption vulnerability in Internet Explorer 11 and 9 allowing RCE. CVE-2021-31194: An RCE bug in the Microsoft Windows Object Linking and Embedding Automation.

SolarWinds' chief exec has described the 18,000 customers who downloaded backdoored versions of its Orion software as a "Very small" number while giving a speech to an infosec event. "Although the number of affected customers is very small, that we eventually discovered, it is still a very important thing to discover, because this is a unique and very novel attack on the supply chain of a company," said Ramakrishna in his opening remarks - adding that "None of our source code control systems were tampered with."

GitHub, the ubiquitous host for software development and version control, is now supporting security keys when using Git over SSH. In a post on Monday, GitHub security engineer Kevin Jones said that this is the next step when it comes to increasing security and usability. These security keys, which include YubiKey, Thetis Fido U2F Security Key and Google Titan Security Keys, are easy to pop into your pocket and cart around between machines, with most connecting via USB, NFC or Bluetooth.

The Redmond-based firm's Office and Windows flagships house many of the identified vulnerabilities, alongside Internet Explorer, Visual Studio, Visual Studio Code, Skype, and other software. Those who recall the slew of Exchange Server fixes in March and April may experience a sense of deja vu: May brings still more Exchange Server fixes, for Exchange Server 2013 CU23, Exchange Server 2016 CU19 and CU20, and Exchange Server 2019 CU8 and CU9.

Microsoft's monthly security patch release for May 2021 includes cover for 55 documented vulnerabilities, some serious enough to expose Windows users to remote code execution attacks. Microsoft on Tuesday shipped another massive Patch Tuesday bundle with cover for at least 55 documented security vulnerabilities affecting products in the Windows ecosystem.

A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution. Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.

Apple recently announced a tracking device that it calls the AirTag, a new competitor in the "Smart label" product category. Products like the AirTag also announce themselves with regular Bluetooth beaconing transmissions, just like your phone does when it's in discoverable mode.

Cycode, an Israeli startup focused on securing DevOps tools, today announced that it has raised $20 million in Series A funding, which brings the total capital raised by the company up to $25 million. Founded in 2019, the Tel Aviv-based Cycode aims to provide visibility into source code, as well as the necessary means to detect anomalies and respond to them.