Google Report Spotlights Uptick in Controversial ‘Geofence Warrants’ by Police
2021-09-23 13:16

Google said, in an August report, the number of geofence warrants the company received from law enforcement agencies jumped from 982 in 2018 to 11,554 in 2020. "Since the start of 2018, we have seen a rise in the number of search warrants in the United States that order Google to identify users, based on their Location History information, who may have been in a given area within a certain time," Google said.

ROT8000
2021-09-23 13:15

ROT8000 is the Unicode equivalent of ROT13. What’s clever about it is that normal English looks like Chinese, and not like ciphertext (to a typical Westerner, that is).

Acronis Offers up to $5,000 to Users Who Spot Bugs in Its Cyber Protection Products
2021-09-23 13:00

Acronis, the Swiss-Singaporean cyber protection company, has recently opened its long-standing bug bounty program to the public at large - now able to process twice as many reports. Through the HackerOne platform, Acronis has worked closely with the security community to improve the protection capabilities of its products since 2018 - paying ethical hackers and penetration testers for any security flaws they uncover and report.

Domain Brand Monitor: The First Brand Protection Layer by WhoisXML API
2021-09-23 13:00

An alarming 32% of sample domains containing the names of the 10 most-impersonated brands have been found malicious by WhoisXML API researchers. Domain Brand Monitor detected 182 ways by which "Amazon" can be misspelled.

UK Ministry of Defence apologises – again – after another major email blunder in Afghanistan
2021-09-23 13:00

A second leak of Afghan interpreters' personal data was reportedly committed by the Ministry of Defence, raising further questions about the ministry's commitment to the safety of people in Afghanistan, some of whom are its own former employees. The BBC reported overnight that the details of a further 55 Afghans - claimed to be candidates for potential relocation - had been leaked through the classic cc-instead-of-bcc email blunder, echoing the previously reported breach of 250 interpreters' data through a similar failure.

Ransomware now accounts for 69% of all attacks that use malware
2021-09-23 12:59

Ransomware attacks have hit "stratospheric" levels, according to a report released Wednesday by cybersecurity firm Positive Technologies. In the second quarter of 2021, ransomware accounted for 69% of all attacks involving malware, a 30% jump from the same quarter in 2020.

Nagios XI vulnerabilities open enterprise IT infrastructure to attack
2021-09-23 11:32

Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system. Attackers are likely to try to exploit vulnerabilities in network management systems like Nagios because they oversee critical network components and core servers and often contain many network secrets so they can do their job, Claroty researchers noted.

Large-Scale Phishing-as-a-Service Operation Exposed
2021-09-23 11:10

The turnkey platform allows users to customize campaigns and develop their own phishing ploys so they can then use the PhaaS platform to help with phishing kits, email templates and hosting services needed to launch attacks. With more than 100 available phishing templates that mimic known brands and services - including Microsoft itself - the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today, they said.

New Android Malware Targeting US, Canadian Users with COVID-19 Lures
2021-09-23 10:05

An "insidious" new SMS smishing malware has been found targeting Android mobile users in the U.S. and Canada as part of a new campaign that uses SMS text message lures related to COVID-19 regulations and vaccine information in an attempt to steal personal and financial data. Proofpoint's messaging security subsidiary Cloudmark coined the emerging malware "TangleBot."

Researchers finger new APT group, FamousSparrow, for hotel attacks
2021-09-23 10:00

It's not entirely certain that FamousSparrow represents a wholly new APT group. While the SparrowDoor tool appears to be exclusive and suggests a new player, the researchers found potential links between FamousSparrow and existing APT groups - including the use of the Motnug loader known to have been used by a group dubbed SparklingGoblin and a SparrowDoor-compromised machine seen to be connecting to a command and control server connected to the DRDControl group.