Security News > 2021 > December

With the foundational security provided by Red Hat Enterprise Linux (RHEL), the layered products that run on top, such as Red Hat OpenShift, benefit by inheriting the security technologies provided by RHEL. Red Hat has packaged and delivered trusted Linux content for years and now delivers that same trusted content packaged as Linux containers, through the Red Hat Universal Base Image. This allows enterprises to build a security-focused hybrid cloud, manage and control a hybrid cloud with integrated security, and build, deploy, and run security-focused applications on top of a hybrid cloud using DevSecOps practices.

Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices. "Two backdoor passwords were found in the firmware of the COMpact 5500R PBX," researchers from RedTeam Pentesting said in a technical analysis published Monday.

The transportation industry and government agencies related to the sector are the victims of an ongoing campaign since July 2020 by a sophisticated and well-equipped cyberespionage group in what appears to be yet another uptick in malicious activities that are "just the tip of the iceberg." "The group tried to access some internal documents and personal information on the compromised hosts," Trend Micro researchers Nick Dai, Ted Lee, and Vickie Su said in a report published last week.

The credentials were a mixed bag in terms of sources, and it's not clear how these passwords became compromised. He added, "A compromised password goes well beyond the initial compromise as it facilitates password spraying and with the help of AI based analytical tools, the bad actors can start to identify patterns of how a person creates passwords. This is possible as the userID in question is an email address for the majority of the cases."

A dark web marketplace named '2easy' is becoming a significant player in the sale of stolen data "logs" harvested from roughly 600,000 devices infected with information-stealing malware. "Logs" are archives of data stolen from compromised web browsers or systems using malware, and their most important aspect is that they commonly include account credentials, cookies, and saved credit cards.

With more than 3000 files totalling close to a million lines of source code, Apache httpd is a large and capable server, with myriad combinations of modules and options making it both powerful and dangerous at the same time. Apache just published an httpd update that fixes two CVE-numbered security bugs.

Two critical and high severity security vulnerabilities in the highly popular "All in One" SEO WordPress plugin exposed over 3 million websites to takeover attacks. The security flaws discovered and reported by Automattic security researcher Marc Montpas are a critical Authenticated Privilege Escalation bug and a high severity Authenticated SQL Injection.

Scammers are estimated to have made $80 million per month by impersonating popular brands asking people to participate in fake surveys or giveaways. The scam themes are the typical and "trustworthy" fake surveys and giveaways from popular brands, with the holiday season making targets more susceptible to fraudulent gift offerings.

A Russian national working for a cybersecurity company has been extradited to the U.S., where he is being charged for hacking into computer networks of two U.S.-based filing agents used by multiple companies to file quarterly and annual earnings through the Securities and Exchange Commission's system. The defendants used compromised employee credentials to access the networks of the targeted filing agent and view or download data related to earnings of multiple companies, including SEC filings and press releases.

The United States has taken legal action to seize and return over $154 million purportedly stolen from Sony Life Insurance Company Ltd, a SONY subsidiary, by an employee in a textbook business email compromise attack. "According to the government's complaint, Rei Ishii, an employee of Sony Life Insurance Company Ltd. in Tokyo, allegedly diverted the $154 million when the company attempted to transfer funds between its financial accounts," the Justice Dept said today.