SolarWinds Shares More Information on Cyberattack Impact, Initial Access Vector
2021-05-10 10:39

Texas-based IT management company SolarWinds on Friday shared more information on the impact of the significant breach disclosed late last year, and claimed that fewer than 100 of its customers were actually hacked. Initial reports said more than 250 organizations were actually breached, but the U.S. government later said that it had identified roughly 100 private sector companies and 9 federal agencies whose systems were targeted by the attackers.

Cyberattack on US Pipeline is Linked to Criminal Gang
2021-05-10 10:08

The cyberextortion attempt that has forced the shutdown of a vital U.S. pipeline was carried out by a criminal gang known as DarkSide that cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, two people close to the investigation said Sunday. Commerce Secretary Gina Raimondo said Sunday that ransomware attacks are "what businesses now have to worry about," and that she will work "very vigorously" with the Department of Homeland Security to address the problem, calling it a top priority for the administration.

Namecheap hosted 25%+ of fake UK govt phishing sites last year – NCSC report
2021-05-10 08:30

Domains'n'hosting outfit Namecheap harboured more than a quarter of all known phishing sites that falsely posed as UK government web presences during 2020, according to the National Cyber Security Centre today. It also encountered the usual COVID-themed ones we've all become familiar with over the last year - fake copies of the NHS Test and Trace app laced with malware - plus sites impersonating Capita TV Licensing, the outsourced subscription sales arm of the BBC. Email scams were also popular, with 26,000 being shut down after netizens flooded the NCSC's email reporting portal with complaints of four million suspicious messages.

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices
2021-05-10 05:41

Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm's mobile station modems that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected. Designed since the 1990s, Qualcomm MSM chips allow mobile phones to connect to cellular networks and allow Android to talk to the chip's processor via the Qualcomm MSM Interface, a proprietary protocol that enables the communication between the software components in the MSM and other peripheral subsystems on the device such as cameras and fingerprint scanners.

Is it still a good idea to require users to change their passwords?
2021-05-10 05:09

For as long as corporate IT has been in existence, users have been required to change their passwords periodically. Microsoft has reversed course on the best practices that it has had in place for decades and no longer recommends that organizations require users to change passwords periodically.

How do I select a managed cybersecurity solution for my business?
2021-05-10 05:00

One way to tackle these new threats was adopting a managed cybersecurity solution to provide 24/7/365 monitoring, protect applications and network infrastructures, perform incident response, and so on. To select a suitable managed cybersecurity solution for your business, you need to think about a variety of factors.

A picture is worth a thousand words, but to hackers, it’s worth much more
2021-05-10 04:45

Why? Hackers are able to use image steganography techniques to conduct malicious activity and ultimately compromise enterprise networks. What is image steganography? Image steganography is the practice of using hidden writing techniques to secretly pass information embedded within images.

Exploiting common URL redirection methods to create effective phishing attacks
2021-05-10 04:30

"Simple" can often be harder than "complex." When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as the part causing the trouble. URL forwarding is one method that is often abused by cybercriminals to create multi-layered phishing attacks.

Defending against Windows RDP attacks
2021-05-10 04:00

Some DDoS attacks are leveraging RDP servers to amplify their effect, and malware like Trickbot is employing scanners to identify vulnerable open RDP ports. RDP needs to be well protected, and direct access should never be provided to an RDP server.

Bitcoin Security Rectifier app aims to make Bitcoin more secure
2021-05-10 03:30

The good news is that the team is also helping users better protect themselves by raising awareness about these security issues and developing an app that addresses those vulnerabilities. The researchers showcased the Bitcoin Security Rectifier.