Security News > 2021 > September

2021 list shows how far application security has come and how much work is left to do. Security expert and Veracode CTO Chris Wysopal identified broken access control as a security risk in 1996.

Microsoft is investigating an ongoing Multi-Factor Authentication issue preventing some customers from logging into their Microsoft 365 accounts. "We're investigating an issue with Multi-Factor Authentication that is preventing some users from accessing Microsoft 365 services. Additional information will be provided in the admin center under MO287933, the company tweeted."

A working exploit for the critical CVE-2021-22005 remote-code execution vulnerability in VMware vCenter is now fully public and is being exploited in the wild. "This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server," said Bob Plankers, Technical Marketing Architect at VMware, when VMware announced the vulnerability on Tuesday.

A new script allows you to install Windows 11 on devices with incompatible hardware, such as missing TPM 2.0, incompatible CPUs, or the lack of Secure Boot. When Windows 11 was first announced, Microsoft released the operating system's new system requirements, which included a TPM 2.0 security processor, Secure Boot, newer CPUs, and at least 64 GB of hard drive space.

These two sites tell you what sorts of information you’re leaking from your browser.

Researchers from the Microsoft Threat Intelligence Center have observed the APT it calls Nobelium using a post-exploitation backdoor dubbed FoggyWeb, to attack Active Directory Federation Services servers. Once a server is compromised, the threat group deploys FoggyWeb "To remotely exfiltrate the configuration database of compromised AD FS servers, decrypted token-signing certificates and token-decryption certificates," he said, which can be used to penetrate into users' cloud accounts.

The Security Service of Ukraine has taken down a network of six call centers in Lviv, used by a ring of scammers to defraud cryptocurrency investors worldwide. Fraudsters behind these illegal call centers used VoIP phone numbers to hide their locations while scamming thousands of foreign investors.

Another health care provider has apparently been the victim of a ransomware attack that exposed private patient information and other sensitive data. A ransomware group known as Vice Society has claimed responsibility for an August attack against United Health Centers that allegedly impacted all of its locations.

Giant Group, the umbrella company that has thousands of contractors on its books, has been targeted by a "Sophisticated" cyber-attack that floored systems and left workers out in the cold, the biz has now confirmed. The attack happened last Wednesday and forced the outfit - known to many as Giant Pay - to shut down its whole network, including its phone and email systems, as well as its IT infrastructure.

Microsoft has added a new Exchange Server feature that automatically applies interim mitigations for high-risk security flaws to secure on-premises servers against incoming attacks and give admins more time to apply security updates.The new Exchange Server component, aptly named Microsoft Exchange Emergency Mitigation service, builds upon Microsoft's Exchange On-premises Mitigation Tool released in March to help customers minimize the attack surface exposed by the ProxyLogon bugs.