Security News > 2021 > December

Each agency has its own operational and technology teams that are not under the direct control of CISA - and that's where the CISA directives come in. A CISA directive is intended to compel tech teams at federal agencies to take certain actions that CISA deems necessary to ensure safe cybersecurity operations.

BadgerDAO, maker of a decentralized finance protocol, said on Wednesday that it is investigating reports that millions in user funds have been stolen. The DAO in BadgerDAO stands for Decentralized Autonomous Organization, which means the company is "Run by our users - not VCs, whales, or institutions".

Microsoft Edge is now displaying in-browser alerts that discourage users from downloading Google Chrome by bashing the popular browser. A few weeks later, Google began telling Microsoft Edge users to switch to Chrome to use browser extensions more securely.

Phishing actors have quickly started to exploit the emergence of the Omicron COVID-19 variant and now use it as a lure in their malicious email campaigns. Threat actors are quick to adjust to the latest trends and hot topics, and increasing people's fears is an excellent way to cause people to rush to open an email without first thinking it through.

S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast+Transcript]. Oh! No! The wannabe wizard that went to school with a trainee Sith.

Twitter today announced the permanent removal of more than 3,400 accounts linked to governments of six countries running manipulation or spam campaigns. Twitter found another 112 accounts linked to a private company called "Changyu Culture," which is endorsed by the regional authorities in Xinjiang.

That's according to findings from Group-IB's Hi-Tech Crime Trends Report 2021/2022, which unpacks the startling numbers behind what the report calls an "Unholy alliance" between ransomware operators and corporate-access brokers - which analysts said has fueled a 935 percent spike in the number of organizations which had their stolen data exposed on a data leak site. Ransomware groups have increasingly used the tactic called double extortion, where they not only steal a company's data, but threaten to publish it to ratchet up the pressure to pay a ransom.

Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation on vulnerable systems. Tracked as CVE-2021-24084, the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain unauthorized file system access and read arbitrary files.

Mozilla has rolled out fixes to address a critical security weakness in its cross-platform Network Security Services cryptographic library that could be potentially exploited by an adversary to crash a vulnerable application and even execute arbitrary code. Tracked as CVE-2021-43527, the flaw affects NSS versions prior to 3.73 or 3.68.1 ESR, and concerns a heap overflow vulnerability when verifying digital signatures such as DSA and RSA-PSS algorithms that are encoded using the DER binary format.

Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details and steal funds from victims' bank accounts. "The malicious application not only collects the victim's credit card numbers, but also gains access to their 2FA authentication SMS, and turn[s] the victim's device into a bot capable of spreading similar phishing SMS to other potential victims," Check Point researcher Shmuel Cohen said in a new report published Wednesday.