Security News > 2021

Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. Yesterday, the ransomware gang announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof.

Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. Yesterday, the ransomware gang announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof.

Dubbed CopperStealer, the malware acts similarly to previously discovered, China-backed malware family SilentFade, according to a report from Proofpoint researchers Brandon Murphy, Dennis Schwarz, Jack Mott and the Proofpoint Threat Research Team published online this week. CopperStealer is in the same class not only as SilentFade-the creation of which Facebook attributed to Hong Kong-based ILikeAD Media International Company Ltd-but also other malware such as StressPaint, FacebookRobot and Scranos.

"We recently became aware of a trojanized Xcode project in the wild targeting iOS developers thanks to a tip from an anonymous researcher. The malicious project is a doctored version of a legitimate, open-source project available on GitHub," SentinelOne researchers have warned. The trojanized Xcode project in question is TabBarInteraction, which offers iOS developers features for animating the iOS Tab Bar based on user interaction - though the researchers have been quick to note that the code in the Github project is currently clean, and that the developer is not implicated in any way with the malware operation.

The FBI received more than 19,000 complaints of business email compromises last year, costing victims around $1.8 billion. Among the many types of cyber crimes affecting organizations and individuals last year, business email compromises and email account compromises proved especially costly.

Microsoft informed customers on Thursday that Defender Antivirus and System Center Endpoint Protection now provide automatic protection against attacks exploiting the recently disclosed Exchange Server vulnerabilities. Microsoft has released patches, detailed guidance, and a one-click mitigation tool to ensure that Exchange Server users are protected against attacks.

The Ministry of Defence has ordered its contractors not to answer certain questions on the UK's once-in-a-decade census - despite threats of £1,000 fines being handed to people who don't complete the national survey. The Ministry of Defence has taken a curious line against the census, urging defence personnel and contractors to give incomplete answers to four questions - and to ignore one altogether.

The Federal Bureau of Investigation is warning US private sector companies about an increase in business email compromise attacks targeting state, local, tribal, and territorial government entities. "From 2018 through 2020, the FBI observed increases in business email compromise actors targeting state, local, tribal, and territorial government entities for financial gain due to vulnerability exploitation and transparency requirements," the FBI said.

Russian national Egor Igorevich Kriuchkov has pleaded guilty to recruiting a Tesla employee to plant malware designed to steal data within the network of Tesla's Nevada Gigafactory. Kriuchkov also told the Tesla employee that he was earlier involved in other similar "Projects" where one of the victim companies paid $4 million after negotiating down from an initial $6 million ransom.

Microsoft has released the Windows 10 KB5001649 emergency update to fix printing issues plaguing users since the March 2021 Patch Tuesday updates. Many users have reported that Windows 10 would crash when printing with an "APC INDEX MISMATCH for win32kfull.sys" error or printed pages would have missing graphics, black bars, or blank pages.