Security News > 2021 > September

A new advanced persistent threat has been behind a string of attacks against hotels across the world, along with governments, international organizations, engineering companies, and law firms. Slovak cybersecurity firm ESET codenamed the cyber espionage group FamousSparrow, which it said has been active since at least August 2019, with victims located across Africa, Asia, Europe, the Middle East, and the Americas, spanning several countries such as Burkina Faso, Taiwan, France, Lithuania, the U.K., Israel, Saudi Arabia, Brazil, Canada, and Guatemala.

In addition to these design overhauls, Windows 11 also comes with a new File Explorer and Settings app. File Explorer is getting a new header menu, modern context menu and minor improvements.

Microsoft announced that Basic Authentication will be turned off for all protocols in all tenants starting October 1st, 2022, to protect millions of Exchange Online users. "Today, we are announcing that, effective October 1, 2022, we will begin to permanently disable Basic Auth in all tenants, regardless of usage," the Exchange Online Team said earlier this week.

Securing Kubernetes as it becomes mainstreamIn this interview with Help Net Security, Shauli Rozen, CEO at ARMO, talks about securing Kubernetes systems, what makes them susceptible to cyberattacks and what should organizations expect when deploying them. What businesses need to know about data decayData decay is the aging and obsolescence of data in such a way that makes it no longer usable due to loss of its integrity, completeness, and accuracy.

Microsoft has released an emergency fix for freezing and crashing app issues caused by September's KB5005565 and KB5005101 cumulative updates. With the release of the Windows 10 KB5005101 preview update and the KB5005565 cumulative update, Microsoft states that users may have experienced app freezes, app crashes, and the inability to launch an application.

Security researchers have found a flaw in the Microsoft Windows Platform Binary Table that could be exploited in easy attacks to install rootkits on all Windows computers shipped since 2012. WPBT is a fixed firmware ACPI table introduced by Microsoft starting with Windows 8 to allow vendors to execute programs every time a device boots.

This week, threat actors hijacked Bitcoin.org, the authentic website of the Bitcoin project, and altered its parts to push a cryptocurrency giveaway scam that unfortunately some users fell for. Bitcoin.org hacked to run 'double your money' scam.

September 20th 2021 US farmer cooperative hit by $5.9M BlackMatter ransomware attack. U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor.

Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely. Tracked as CVE-2021-20034, the arbitrary file deletion flaw is rated 9.1 out of a maximum of 10 on the CVSS scoring system, and could allow an adversary to bypass path traversal checks and delete any file, causing the devices to reboot to factory default settings.

Cybersecurity researchers have disclosed a novel technique adopted by threat actors to deliberately evade detection with the help of malformed digital signatures of its malware payloads. "Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code - which is used in a number of security scanning products," Google Threat Analysis Group's Neel Mehta said in a write-up published on Thursday.