Security News > 2021 > December

Organizations are not always linking the actual data on vulnerabilities with the specific risks to their business, says Cyber Vulcan. With so many security vulnerabilities putting companies at risk, determining which ones to tackle can be a challenge.

Google now makes it easy to block unwanted calendar invitations, commonly used by threat actors in phishing and malicious campaigns, from being added to your Google Calendar. "These additional controls can help you manage your calendar with less manual work by ensuring unwanted events don't appear, and you see only the events that are important to you," Google explained.

Kaspersky researchers said in a Thursday report that from Jan. 20 to Nov. 10, the actors behind the vast campaign were targeting government organizations and industrial control systems across a range of industries, including engineering, building automation, energy, manufacturing, construction, utilities and water management. The operators behind PseudoManuscrypt are using fake pirated software installer archives to initially download the spyware onto targets' systems.

This gives them the chance to inflict maximum damage, and explains why ransomware attacks surge on public holidays like Thanksgiving and Christmas. These out-of-hours attacks aren't just bad luck; they're designed that way.

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]. Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)

Microsoft urges admins of self-hosted Minecraft servers to upgrade to the latest release to defend against Khonsari ransomware attacks exploiting the critical Log4Shell security vulnerability. While there was no mention of attacks targeting Minecraft servers using Log4Shell exploits at the time, Redmond's security experts updated their CVE-2021-44228 guidance today to warn of ongoing exploitation to deliver ransomware on non-Microsoft hosted Minecraft servers.

British classifieds site Gumtree.com suffered a data leak after a security researcher revealed that he could access sensitive personally identifiable data of advertisers simply by pressing F12 on the keyboard. Pressing the F12 key in a web browser opens the developer tools console, which allows you to view a website's source code, monitor network requests, and view error messages produced by the website.

British police have made a series of arrests over the past few months after people with apparent access to NHS databases allegedly sold fake vaccination status entries on the NHS vaccine passport app. Detective Superintendent Helen Rance said: "The staff at both trusts did the right thing and reported their concerns, which has allowed us to fully investigate the circumstances. I want to reassure the public that no systems were hacked into from outside of the NHS networks and the integrity of the NHS systems remains robust."

Lenovo laptops, including ThinkPad and Yoga models, are vulnerable to a privilege elevation bug in the ImControllerService service allowing attackers to execute commands with admin privileges. The flaws are tracked as CVE-2021-3922 and CVE-2021-3969 and affect the ImControllerService component of all Lenovo System Interface Foundation versions below 1.1.20.3.

At that point it was reported that there were over 100 attempts to exploit the vulnerability every minute. "Since we started to implement our protection we prevented over 1,272,000 attempts to allocate the vulnerability, over 46% of those attempts were made by known malicious groups," said cybersecurity company Check Point.