Security News > 2021 > December

Planned Parenthood Breach Opens Patients to Follow-On Attacks
2021-12-02 19:29

Planned Parenthood's Los Angeles division has been hacked, with cyberattackers making off with sensitive personal health information for at least 400,000 patients. The clinical data is highly sensitive: Planned Parenthood offers a variety of sexual health services, including annual well-woman exams, birth control, cervical and testicular cancer screenings, prenatal care, sexual education, vasectomies, and abortions.

Insider threats: How trustworthy are your employees?
2021-12-02 19:27

What if an external threat actor offered your employees easy money to perform a quick action on one of the company's computers? How would the company detect it? Some of those employees or ex-employees will try to use their knowledge of the company and the data to which they have access to cause harm and affect the confidentiality, integrity or availability of the organization's critical information or networks.

IoT devices must “protect consumers from cyberharm”, says UK government
2021-12-02 19:10

The UK legislature is currently interested in a law about what it calls PSTI, short for Product Security and Telecommunications Infrastructure. It's a much more modest regulatory proposal, and unlike those proposals that aim to disrupt security and cryptography "just in case we ever lock the keys in the car", its goal is to demand a modest increase in security and basic cyber-reliability in products such as mobile phones, fitness trackers, internet webcams, cloud doorbells, and temperature sensors for your pet fish.

Hackers use in-house Zoho ServiceDesk exploit to drop webshells
2021-12-02 17:37

An advanced persistent threat group that had been exploiting a flaw in the Zoho ManageEngine ADSelfService Plus software has pivoted to leveraging a different vulnerability in another Zoho product. The actor has been seen exploiting an unauthenticated remote code execution issue in Zoho ServiceDesk Plus versions 11305 and older, currently tracked as CVE-2021-44077.

AT&T Takes Steps to Mitigate Botnet Found Inside Its Network
2021-12-02 17:35

Researchers from Netlab, a network security division of Chinese tech giant Qihoo 360, first discovered what they characterized as a "brand-new botnet" attacking Edgewater Networks devices, using a vulnerability in EdgeMarc Enterprise Session Border Controllers, tracked as CVE-2017-6079. Netlab eventually identified the devices as belonging to AT&T, which confirmed the existence of the botnet to analyst firm Recorded Future's The Record.

Russian internet watchdog announces ban of six more VPN products
2021-12-02 16:04

Russia's internet watchdog, 'Roskomnadzor', has announced the ban of six more VPN products, bringing the total number to more than a dozen, a notification to companies in the country shows. The latest services added to the list of banned VPN services are Betternet, Lantern, X-VPN, Cloudflare WARP, Tachyon VPN, and PrivateTunnel.

Smart Contract Bug Results in $31 Million Loss
2021-12-02 14:32

A hacker stole $31 million from the blockchain company MonoX Finance by exploiting a bug in software the service uses to draft smart contracts. Specifically, the hack used the same token as both the tokenIn and tokenOut, which are methods for exchanging the value of one token for another.

Nine WiFi routers used by millions were vulnerable to 226 flaws
2021-12-02 14:30

Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware. The tested routers are made by Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys, and are used by millions of people.

New malware hides as legit nginx process on e-commerce servers
2021-12-02 10:12

eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. NginRAT was found on eCommerce servers in North America and Europe that had been infected with CronRAT, a remote access trojan that hides payloads in tasks scheduled to execute on an invalid day of the calendar.

Acra: Open-source database protection with field-level encryption and intrusion detection
2021-12-02 10:10

Cossack Labs updated its flagship open-source product, the Acra database security suite, to version 0.90.0 and made many of its core security features, previously available only for enterprise customers, free in Acra Community Edition. Acra's features enable the implementation of application-level encryption in modern cloud applications, saving development costs and allowing a tighter grip on the sensitive data lifecycle.