Security News > 2021

As dangerous attacks accelerate against Microsoft Exchange Servers in the wake of the disclosure around the ProxyLogon group of security bugs, a public proof-of-concept whirlwind has started up. Microsoft said in early March that it had spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange servers.

Email security company Mimecast has confirmed today that the state-sponsored SolarWinds hackers who breached its network earlier this year downloaded source code out of a limited number of repositories. To breach Mimecast's network, the attackers used the Sunburst backdoor, a malware distributed by the SolarWinds hackers to roughly 18,000 SolarWinds customers using the compromised auto-update mechanism of the SolarWinds Orion IT monitoring platform.

Email security company Mimecast has confirmed today that the state-sponsored SolarWinds hackers who breached its network earlier this year downloaded source code out of a limited number of repositories. To breach Mimecast's network, the attackers used the Sunburst backdoor, a malware distributed by the SolarWinds hackers to roughly 18,000 SolarWinds customers using the compromised auto-update mechanism of the SolarWinds Orion IT monitoring platform.

Magecart attackers have found a new way to hide their nefarious online activity by saving data they've skimmed from credit cards online in a.JPG file on a website they've injected with malicious code. "The creative use of the fake.JPG allows an attacker to conceal and store harvested credit card details for future use without gaining too much attention from the website owner," he wrote.

"Since March 2020, the FBI has become aware of PYSA ransomware attacks against US and foreign government entities, educational institutions, private companies, and the healthcare sector by unidentified cyber actors," the FBI says in the TLP:WHITE flash alert. The FBI recommends not paying Pysa ransomware's ransoms since giving in to their demands will most likely fund future ransomware attacks and encourage them to target other potential victims.

Roid, the most popular mobile operating system in the world, runs on plenty of devices used by U.S. government workers, but only 0.08% of those devices are running the latest version of Android, a report finds. Mobile security firm Lookout is behind the report, which looked at over 200 million mobile devices being used by U.S. federal and state government workers between January 2019 and December 2020.

Isolating your hardware and your applications is a more effective way to prevent malware from infecting your critical endpoints, says HP. Defending your organization against malware used to a matter of running the right antivirus software to detect and block any security threats. The HP-Bromium Threat Insights Report looks at malware observed during the fourth quarter of 2020.

Twitter on Monday announced that users with two-factor authentication enabled can now use multiple security keys to protect their accounts. The social platform has had support for security keys for desktop users for some time, and made the feature available to iOS and Android users too in December 2020.

Google has released proof-of-concept exploit code, which leverages the Spectre attack against the Chrome browser to leak data from websites. Three years after the Spectre attack was first disclosed, researchers with Google have now released a demonstration website that leverages the attack, written in JavaScript, to leak data at a speed of 1 kilobyte per second when running on Chrome 88 on an Intel Skylake CPU. The researchers said they hope the PoC will light a fire under web application developers to take active steps to protect their sites.

Google's Apple-mandated privacy labels for its Chrome and Search apps on iOS have drawn criticism from tiny search rival DuckDuckGo, which tweeted "No wonder they wanted to hide it." Mysterious delays in Google's app updates soon ensued - though the company said in January that: "As Google's iOS apps are updated with new features or to fix bugs, you'll see updates to our app page listings that include the new App Privacy Details. These labels represent the maximum categories of data that could be collected - meaning if you use every available feature and service in the app."