Aviation-themed phishing campaign pushed off-the-shelf RATs into inboxes for 5 years
2021-09-16 20:35

A phishing campaign that mostly targeted the global aviation industry may be connected to Nigeria, according to Cisco Talos. The malicious campaigns centred around phishing emails linking to "Off-the-shelf malware" being sent to people around the world - even those with a marginal interest in commercial aviation.

Microsoft rolls out Office LTSC 2021 for Windows and Mac
2021-09-16 19:08

Microsoft today started rolling out Office LTSC for Windows and macOS, the non-subscription Office version for commercial and government customers. Office LTSC 2021 is specifically designed for organizations running regulated devices where feature updates can't be installed for years at a time, for devices without internet connections, as well as specialty systems that require a long-term servicing channel.

OMIGOD, an exploitable hole in Microsoft open source code!
2021-09-16 18:55

The relevant bug fixes were officially available in the OMI source code back on 12 August 2021, more than a month ago. Like WMI, the OMI code runs as a privileged process on your servers so that sysadmins, and system administration software, can query and control what's going on, such as enumerating processes, kicking off utility programs, and checking up on system configuration settings.

Airline Credential-Theft Takes Off in Widening Campaign
2021-09-16 18:26

A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in data theft, financial fraud or follow-on attacks, said researchers, who have uncovered new details about the perpetrators.

FBI and CISA warn of state hackers exploiting critical Zoho bug
2021-09-16 18:11

The FBI, CISA, and the Coast Guard Cyber Command today warned that state-backed advanced persistent threat groups are likely among those exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021. The vulnerability tracked as CVE-2021-40539 was found in the Zoho ManageEngine ADSelfService Plus software, and it allows attackers to take over vulnerable systems following successful exploitation.

Hack yourself before someone else does it for you
2021-09-16 18:00

What does continuous mean in this context? And how do you look for something when the haystack is as big as your entire security footprint? The philosophy of BAS tools is that you simulate what real attacks do inside networks based on patterns drawn from threat intelligence. "Historically, we built these tools for quality assurance and test labs. It was built by geeks for geeks as a pre-deployment lab tool," explains Keysight's VP of security solutions, Scott Register.

New malware uses Windows Subsystem for Linux for stealthy attacks
2021-09-16 17:33

Security researchers have discovered malicious Linux binaries created for the Windows Subsystem for Linux, indicating that hackers are trying out new methods to compromise Windows machines. The next step is to inject the malware into a running process using Windows API calls, a technique that is neither new nor sophisticated.

FBI: $113 million lost to online romance scams this year
2021-09-16 16:54

The FBI warned today that a massive spike of online romance scams this year caused Americans to lose more than $113 million since the start of 2021. The scammers behind this type of online fraud trend - which can lead to significant financial losses and devastating emotional scars - use fake online identities to gain potential victims' trust on dating or social media platforms.

It's time enterprise businesses place their complete trust in open source
2021-09-16 16:11

Jack Wallen believes this milestone should help big businesses realize it is time to trust open source software. According to the company, "The certification further strengthens Canonical's industry-leading open source offering, reassuring customers in all industries that they can securely consume open source in a regulated fashion that complies with all the industry standards and best practices."

New Windows security updates break network printing
2021-09-16 16:08

Windows administrators report wide-scale network printing problems after installing this week's September 2021 Patch Tuesday security updates. Many Windows system administrators are now reporting that their computers can no longer print to network printers after installing the PrintNightmare fixes on their print servers.