Security News > 2021 > November

The operators behind the Mekotio banking trojan have resurfaced with a shift in its infection flow so as to stay under the radar and evade security software, while staging nearly 100 attacks over the last three months. The development comes after Spanish law enforcement agencies in July 2021 arrested 16 individuals belonging to a criminal network in connection with operating Mekotio and another banking malware called Grandoreiro as part of a social engineering campaign targeting financial institutions in Europe.

Google has rolled out its monthly security patches for Android with fixes for 39 flaws, including a zero-day vulnerability that it said is being actively exploited in the wild in limited, targeted attacks. Tracked as CVE-2021-1048, the zero-day bug is described as a use-after-free vulnerability in the kernel that can be exploited for local privilege escalation.

Google has rolled out its monthly security patches for Android with fixes for 39 flaws, including a zero-day vulnerability that it said is being actively exploited in the wild in limited, targeted attacks. Tracked as CVE-2021-1048, the zero-day bug is described as a use-after-free vulnerability in the kernel that can be exploited for local privilege escalation.

Players in the Squid Game cryptocurrency market have been eliminated - at least their investment has - by what cryptocurrency watchers have called a classic "Rug-pull" scam. When SQUID tokens were first released last week, they were valued at a paltry $0.01 but promised entry into a game with the same premise as the Squid Game series from Netflix - players in desperate financial straits compete in a ruthless, deadly series of games for a shot at winning millions.

Ransomware gangs are zeroing in on publicly held companies with the threat of financial exposure in an effort to encourage ransom payments, the FBI is warning. In an alert issued this week [PDF], the Bureau said that activity over the course of the past year shows a trend toward targeting companies when they're coming up to "Significant, time-sensitive financial events," such as quarterly earnings reports and mandated SEC filings, initial public offerings, M&A activity, and so on.

Facebook announced today that they will no longer use the Face Recognition system on their platform and will be deleting over 1 billion people's facial recognition profiles. Facebook's Face Recognition system analyzes photos taken of tagged users and associated users' profile photos to build a unique identifier or template.

Facebook announced today that they will no longer use the Face Recognition system on their platform and will be deleting over 1 billion people's facial recognition profiles. Facebook's Face Recognition system analyzes photos taken of tagged users and associated users' profile photos to build a unique identifier or template.

A critical unauthenticated, remote code execution GitLab flaw fixed on April 14, 2021, remains exploitable, with over 50% of deployments remaining unpatched. Hackers first started exploiting internet-facing GitLab servers in June 2021 to create new users and give them admin rights.

Among Google's November Android security updates is a patch for a zero-day weakness that "May be under limited, targeted exploitation," the company said. In this case, it can be exploited for local escalation of privilege and, when paired with a remote code execution bug, an exploit could allow attackers to gain administrative control over a targeted system.

A Microsoft 365 outage prevents access to files, such as Excel documents, stored on the SharePoint Online, OneDrive, Office, and Microsoft Teams cloud storage services. The outage started at approximately 11:40 AM EST, with admins and users reporting on social media that they could not open files stored on OneDrive or SharePoint.