CISA releases new SolarWinds malicious activity detection tool
2021-03-18 19:56

The Cybersecurity and Infrastructure Security Agency has released a new tool to detect post-compromise malicious activity associated with the SolarWinds hackers in on-premises enterprise environments. CISA Hunt and Incident Response Program, the new forensics collection tool, is a Python-based tool that helps detect SolarWinds malicious activity IOCs on Windows operating systems.

Trojanized Xcode Project Slips MacOS Malware to Apple Developers
2021-03-18 19:42

Cybercriminals are targeting Apple developers with a trojanized Xcode project, which, once launched, installs a backdoor that has spying and data exfiltration capabilities. Xcode comprises a suite of free, open software development tools developed by Apple for creating software for macOS, iOS, iPadOS, watchOS and tvOS. Thus, any apps built on top of the project automatically include the malicious code.

Windows 10 21H1 is almost here, released to enterprise for testing
2021-03-18 19:04

The Windows 10 21H1 update is now available for testing by enterprise customers before general availability through the Windows Insider Program for Business. Microsoft started rolling out a preview of the Windows 10 21H1 feature update to Windows Insiders in the Beta channel last month.

Finland IDs Hackers Linked to Parliament Spying Attack
2021-03-18 18:30

Finland's domestic security agency said Thursday that the cybergroup APT31, which is generally linked to the Chinese government, was likely behind a cyberspying attack on the information systems of the Nordic country's parliament. The Finnish Security and Intelligence Service, known by the abbreviation Supo, said it had "identified a cyber espionage operation targeted in 2020 against parliament with the aim of intruding into parliament's IT systems."

New CopperStealer malware steals Google, Apple, Facebook accounts
2021-03-18 18:20

Previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple. The malware, dubbed CopperStealer by Proofpoint researchers, is an actively developed password and cookie stealer with a downloader feature that enables its operators to deliver additional malicious payloads to infected devices.

How cybercriminals are targeting US taxpayers as tax season approaches
2021-03-18 16:45

The latest scams use phishing emails to deliver remote access trojans to control a victim's computer and steal sensitive data, says Cybereason. With the usual April 15 deadline approaching, a report released Thursday by security provider Cybereason reveals the latest scams against taxpayers and offers advice on how to avoid them.

Lord joins campaign urging UK government to reform ye olde Computer Misuse Act
2021-03-18 16:15

A Conservative peer has joined calls to reform the Computer Misuse Act days after the government declared that infosec and "cyber power" are the key to British foreign and industrial policy for the 2020s. Lord Holmes of Richmond told The Register he wants to support British infosec companies, which he said were "held back for want of a few strokes of the legislative pen" in reforming the CMA. "Over the next few weeks, I intend to be having conversations and meetings, both with colleagues, and indeed, with Home Office ministers to really understand what the level ground that we're all standing on is, where their issues are, and how we can work together to move this forward," said the House of Lords backbencher.

New XcodeSpy Mac Malware Targets Software Developers
2021-03-18 16:06

A recently discovered Mac malware has been used by unknown threat actors to target software developers who use Apple's Xcode integrated development environment. SentinelOne learned about the malware from an anonymous researcher, but the company also spotted XcodeSpy in the wild in late 2020 at an organization in the United States.

US taxpayers targeted with RAT malware in ongoing phishing attacks
2021-03-18 15:58

US taxpayers are being targeted by phishing attacks attempting to take over their computers using malware and steal sensitive personal and financial information. "The potential for damage is serious and the malware allows threat actors to gain full control over a victim's machine and steal sensitive information from users or their employers."

Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data
2021-03-18 15:52

A security blip in the current version of Zoom could inadvertently leak users' data to other meeting participants on a call. The flaw stems from a glitch in the screen sharing function of video conferencing platform Zoom.