Windows 10 cumulative updates KB5003169 & KB5003173 released
2021-05-11 18:02

As part of the May Patch cycle, Microsoft is rolling out a new cumulative update for all supported versions of Windows. The cumulative update with security fixes is rolling out to PCs running the October 2020 Update and the May 2020 Update.

Fake Chrome App Anchors Rapidly Worming ‘Smish’ Cyberattack
2021-05-11 18:01

A new Android malware that impersonates the Google Chrome app has spread to hundreds of thousands of people in the last few weeks, according to researchers. The fake app is being used as part of a sophisticated hybrid cyberattack campaign that also uses mobile phishing to steal credentials.

Microsoft May 2021 Patch Tuesday fixes 55 flaws, 3 zero-days
2021-05-11 17:28

Today is Microsoft's May 2021 Patch Tuesday, and with it comes three zero-day vulnerabilities, so Windows admins will be rushing to apply updates. With today's update, Microsoft has fixed 55 vulnerabilities, with four classified as Critical, 50 as Important, and one as Moderate.

The many sides of DarkSide, the group behind the Colonial Pipeline ransomware attack
2021-05-11 17:27

The ransomware group that attacked Colonial Pipeline has in the past tried to donate some of its profits to charity in a twisted take on the tale of Robin Hood. DarkSide has garnered some not especially wanted publicity lately, after the FBI and others blamed the group for the recent ransomware attack against Colonial Pipeline, which forced the company to take down its operations.

Panda Stealer targets cryptocurrency wallets and VPN credentials via malicious XLS attachment
2021-05-11 17:05

Bad actors put a new twist on an existing piece of malware to steal private keys for cryptocurrency accounts and other account credentials, according to analysis from Trend Micro. Panda Stealer uses a fileless approach and looks for private keys and records of previous transactions from cryptocurrency wallets including Dash, Bytecoin, Litecoin and Ethereum, according to Trend Micro.

Microsoft Defender ATP now secures networked Linux, macOS devices
2021-05-11 17:01

Microsoft has added support for identifying and assessing the security configurations of Linux and macOS endpoints on enterprise networks using Microsoft Defender for Endpoint. The secure configuration assessment feature is now in public preview, and it has expanded to include macOS and Linux devices after initially only supporting Windows 10 and Windows Server devices.

A Closer Look at the DarkSide Ransomware Gang
2021-05-11 16:37

Here's a closer look at the DarkSide cybercrime gang, as seen through their negotiations with a recent U.S. victim that earns $15 billion in annual revenue. "We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives [sic]," reads an update to the DarkSide Leaks blog.

Adobe fixes Reader zero-day vulnerability exploited in the wild
2021-05-11 16:28

Adobe has released a massive Patch Tuesday security update that fixes vulnerabilities in twelve different applications, including one actively exploited vulnerability in Adobe Reader. Of particular concern, Adobe warns that one of the Adobe Acrobat and Reader vulnerabilities, tracked as CVE-2021-28550, has been exploited in the wild in limited attacks against Adobe Reader on Windows devices.

Shifting Threats in a Changed World: Edge, IoT and Vaccine Fraud
2021-05-11 16:08

As the world begins to open up and we crawl toward a brighter future, people are going to be looking for things to do and places to go - so we also expect to see social-engineering attacks start using things like travel and vacation deals to hook people. With many companies continuing to allow at least some of their employees to work remotely with no stipulated end date, security leaders have to stay abreast of the latest threats regarding edge access and browsers.

UK's Computer Misuse Act to be reviewed, says Home Secretary as she condemns ransomware payoffs
2021-05-11 16:00

Priti Patel has promised a government review of the UK's 30-year-old Computer Misuse Act "this year" as well as condemning companies that buy off ransomware criminals. "As part of ensuring that we have the right tools and mechanisms to detect, disrupt and deter our adversaries, I believe now is the right time to undertake a formal review of the Computer Misuse Act," said Patel.