Apple macOS Flaw Allows Kernel-Level Compromise
2021-11-02 15:50

The problem, dubbed "Shrootless," is associated with a security technology called System Integrity Protection found in macOS. Jonathan Bar Or from the Microsoft 365 Defender Research Team explained in a blog post that SIP restricts a user at the root level of the OS from performing operations that may compromise system integrity. "A malicious actor could create a specially crafted file that would hijack the installation process. After bypassing SIP's restrictions, the attacker could then install a malicious kernel driver, overwrite system files, or install persistent, undetectable malware, among others."

Microsoft announces new endpoint security solution for SMBs
2021-11-02 15:37

Microsoft today announced a new endpoint security solution dubbed Microsoft Defender for Business, specially built for small and medium-sized businesses. Microsoft Defender for Business is an endpoint security solution that helps businesses with up to 300 employees protect against cybersecurity threats, including malware and ransomware, in an easy-to-use, cost-effective package.

Microsoft Edge for Linux out of beta, now generally available
2021-11-02 15:00

Microsoft announced today that the Chromium-based Edge web browser is now generally available on the Linux platform via the stable channel. In September 2019, Redmond asked for feedback from Linux users on the release of the Edge browser for Linux to flesh out the requirements needed for an official launch.

macOS Monterey update causes some Macs to become unbootable
2021-11-02 14:50

A growing number of Mac and MacBook owners report that their devices become unbootable after attempting to update to the latest version of macOS, codenamed Monterey. Since macOS Monterey was released, social media has been filling up with a growing number of complaints from users about their devices becoming "bricked" or unbootable after upgrading.

MITRE shares list of most dangerous hardware weaknesses
2021-11-02 12:27

MITRE shared a list of the most dangerous programming, design, and architecture security flaws plaguing hardware this year. This list is the result of the not-for-profit MITRE organization collaborating within the Hardware CWE Special Interest Group, a community of individuals representing organizations from "hardware design, manufacturing, research, and security domains, as well as academia and government."

FBI: Ransomware targets companies during mergers and acquisitions
2021-11-02 11:59

The Federal Bureau of Investigation warns that ransomware gangs are targeting companies involved in "time-sensitive financial events" such as corporate mergers and acquisitions to make it easier to extort their victims. "The FBI assesses ransomware actors are very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections," the federal law enforcement agency said.

China says it applied to join digital free trade deal days after proposing law against cross-border data flow
2021-11-02 11:30

China's Ministry of Commerce said on Monday the country has officially applied for entry into the Digital Economy Partnership Agreement. Singapore's Ministry of Trade and Industry described DEPA as "a first of its kind agreement that establishes new approaches and collaborations in digital trade issues, promotes interoperability between different regimes and addresses the new issues brought about by digitalisation."

On Cell Phone Metadata
2021-11-02 11:28

Interesting Twitter thread on how cell phone metadata can be used to identify and track people who don’t want to be identified and tracked.

Android November patch fixes actively exploited kernel bug
2021-11-02 11:01

Google has released the Android November 2021 security updates, which address 18 vulnerabilities in the framework and system components, and 18 more flaws in the kernel and vendor components. Not many technical details have been released about the actively exploited kernel flaw yet, as original equipment manufacturers are currently working on merging the patch with their custom builds, so most Android users are vulnerable.

Trojan Source bugs may lead to extensive supply-chain attacks on source code
2021-11-02 10:51

Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, allowing for extensive supply-chain attacks. "We have discovered ways of manipulating the encoding of source code files so that human viewers and compilers see different logic. One particularly pernicious method uses Unicode directionality override characters to display code as an anagram of its true logic," Professor Ross Anderson explained.