Security News > 2021 > December

A large-scale phishing study involving 14,733 participants over a 15-month experiment has produced some surprising findings that contradict previous research results that formed the basis for popular industry practices. Instead, the study found that younger and older people are more prone to clicking on phishing links, so age is a key factor.

The Log4j security vulnerability known as Log4Shell is shaping up to be one of the worst security flaws of the year, potentially affecting millions of applications and painting a bullseye on unpatched systems that hackers can compromise and control. Revealed last week but reported to Apache in November, Log4Shell is a zero-day vulnerability in the company's Log4J utility, which is used by developers and organizations around the world to log requests and error messages for Java applications.

The Cybersecurity and Infrastructure Security Agency warned critical infrastructure organizations today to strengthen their cybersecurity defenses against potential and ongoing threats. "In the lead up to the holidays and in light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential malicious cyber attacks," the cybersecurity agency said [PDF].

A suspected Iranian state-supported threat actor is deploying a newly discovered backdoor named 'Aclip' that abuses the Slack API for covert communications. Slack is an ideal platform for concealing malicious communications as the data can blend well with regular business traffic due to its widespread deployment in the enterprise.

For anyone looking to gain an extra layer of privacy on a desktop or laptop, Kodachi Linux might be the perfect option. Do you veer toward the over-cautious when it comes to your privacy? Do you loathe the idea that you're being tracked by third-party cookies, and standard browsers and operating systems aren't capable of doing enough to keep you safe? At the same time, are you too busy to learn a new operating system?

Amazon AWS is experiencing an outage that has impacted numerous online services, including Twitch, Zoom, PSN, Xbox Live, Doordash, Quickbooks Online, and Hulu. AWS engineers are working on addressing the root cause behind this outage and said they have already taken steps to restore connectivity.

As expected, nation-state hackers of all kinds have jumped at the opportunity to exploit the recently disclosed critical vulnerability in the Apache Log4j Java-based logging library. Also known as Log4Shell or LogJam, the vulnerability is now being used by threat actors linked to governments in China, Iran, North Korea, and Turkey, as well as access brokers used by ransomware gangs.

Microsoft has addressed a known issue that plagued Windows Server customers for weeks, preventing the Defender for Endpoint enterprise security platform from launching on some systems. The issue only impacts devices where customers installed Windows Server 2019 and Windows Server 2022 security updates issued during last month's Patch Tuesday.

We're experiencing yet another incident in which cyberattacks can affect the real world: UKG, makers of payroll and HR software, have reported a ransomware attack that has taken its Kronos Private Cloud offline, and may result in it staying that way for weeks to come. In a statement about the outage, UKG said that it has no estimated time of resolution, that its backups aren't available until they "Determine the best approach" to restoration.

UK online used goods bazaar Gumtree exposed its users' home addresses in the source code of its webpages, and then tried to squirm out of a bug bounty after infosec bods alerted it to the flaw. British company Pen Test Partners spotted the data leakage, which meant anyone could view a Gumtree user's name and location by pressing F12 in their web browser.