Security News > 2021 > November

A new version of a banking trojan known as Mekotio is being deployed in the wild, with malware analysts reporting that it's using a new, stealthier infection flow. The last notable activity of Mekotio dates back to the summer of 2020 when the trojan's operators deployed it in a campaign targeting Latin American countries.

A member of the BlackMatter ransomware gang has publicly claimed the extortionists are shutting down, causing much excitement within the infosec world. A Russian-language message reportedly posted on a forum used by ransomware criminals is said to have announced BlackMatter's second disappearance of 2021, the gang previously pulling a disappearing act under their former name of Darkside.

The U.S. has sanctioned four companies located in Israel, Russia, and Singapore for the development of spyware or the sale of hacking tools used by state-sponsored hacking groups. Israeli companies NSO Group and Candiru are being sanctioned for creating and selling spyware used to target journalists and activists.

The UK's Labour Party, the official opposition to the country's ruling Conservatives, has suffered a humiliating data breach, according to multiple reports. Information sent to The Register suggests Labour members were sent notice of the issue, which it said had hit "a third party that handles data on our behalf."

Mobile phishing attacks targeting employees in the energy industry have risen by 161% compared to last year's data, and the trend is showing no signs of slowing down. Phishing attacks targeting the energy industry are on the rise worldwide.

More than half of large companies are not effectively stopping cyberattacks, finding and fixing breaches quickly or reducing the impact of breaches, according to a new research study from Accenture. Accenture's State of Cybersecurity Resilience 2021 study explored the extent to which organizations prioritize security, the effectiveness of current security efforts and how their security investments are performing. The pandemic served as "a breeding ground for new attacks," according to the study, which was based on a survey of more than 4,700 executives globally.

During the first day of Pwn2Own Austin 2021, contestants won $362,500 after exploiting previously unknown security flaws to hack printers, routers, NAS devices, and speakers from Canon, HP, Western Digital, Cisco, Sonos, TP-Link, and NETGEAR. At Pwn2Own Austin, security researchers will target mobile phones, printers, routers, network-attached storage, smart speakers, televisions, external storage, and other devices, all up to date and in their default configuration. Pwn2Own Austin's consumer-focused event was extended to four days after 22 different contestants registered for 58 total entries.

Yahoo is pulling its services out of China, citing an 'increasingly challenging operating environment.' As Yahoo has already been undergoing a dramatic down-scale in China, announcing a total withdrawal is more of a symbolic move, signifying that the decision is final.

Attackers will threaten to release confidential data that could affect a company's stock price to pressure them to pay the ransom, says the FBI. Ransomware operators will stoop to any tactic necessary to try to force their victims to acquiesce to the ransom demands. In a new report published Monday, the FBI warns of attacks in which ransomware groups will leak sensitive information that could impact a company's stock price if the ransom goes unpaid.

More than half of data protection fines issued by the Information Commissioner's Office over the last two years, totalling more than £5m, have not been paid. The SMS Works pointed out that fines to home improvements companies appear to be least likely to be paid, with £1.6m in fines issued to these firms resulting in just £280,000 being repaid to date.