Security News > 2021

Google has published JavaScript proof-of-concept code to demonstrate the practicality of using Spectre exploits targeting web browsers to access information from a browser's memory. According to the Google Security Team, the PoC shared today works across a wide range of processor architectures, operating systems, and hardware generations.

Researchers have discovered a new side-channel that they say can be reliably exploited to leak information from web browsers that could then be leveraged to track users even when JavaScript is completely disabled. In avoiding JavaScript, the side-channel attacks are also architecturally agnostic, resulting in microarchitectural website fingerprinting attacks that work across hardware platforms, including Intel Core, AMD Ryzen, Samsung Exynos 2100, and Apple M1 CPUs - making it the first known side-channel attack on the iPhone maker's new ARM-based chipsets.

The operators of Lemon Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers. Lemon Duck's ongoing attacks on vulnerable Exchange servers have already reached a massive scale, according to Costin Raiu, director of Kaspersky's Global Research and Analysis Team.

The UK's National Cyber Security Centre has reminded Brits to patch their Microsoft Exchange Server deployments against Hafnium attacks, 10 days after the US and wider infosec industry shouted the house down saying the same thing. The agency told press on Friday afternoon that it had proactively helped UK organisations fix around 2,100 affected mailservers following last week's out-of-band patches to resolve four zero-day vulnerabilities in Exchange Server.

Jack Wallen shows you how easy it is to block and report spam SMS messages on the Android platform.

The Metamorfo banking trojan is abusing AutoHotKey and the AHK compiler to evade detection and steal users' information, researchers have warned. One is a purported request to download a password-protected file; and the other is an elaborate spoofed notification about pending legal documents, with a link that downloads a.ZIP file.

Researchers have now disclosed more information on how they were able to breach multiple websites of the Indian government. Last month, researchers from the Sakura Samurai hacking group had partially disclosed that they had breached cyber systems of Indian government after finding a large number of critical vulnerabilities.

Now for some good news from the business world: There is significant optimism about the global economy in 2021 with 76% of CEOs saying they believe growth will improve this year, according to PwC's annual global CEO survey. While the global pandemic is not yet over, "CEOs' optimism also reflects momentum in vaccine development and rollout in parts of the world," the survey said.

Cybercriminals are now using compromised Microsoft Exchange servers as a foothold to deploy a new ransomware family called DearCry, Microsoft has warned. The ransomware is the latest threat to beleaguer vulnerable Exchange servers, emerging shortly after Microsoft issued emergency patches in early March for four Microsoft Exchange flaws.

A new botnet is hunting down and transforming infected routers, DVRs, and UPnP network devices into honeypots that help it find other targets to infect. Once it takes over a device, it prevents other malware from re-infecting its bots with the help of a whitelist that only allows already running system processes, blocking all attempts to run new commands.