Security News > 2021

A new ransomware known as Sarbloh encrypts your files while at the same time delivering a message supporting the protests of Indian farmers. Last year the Indian government passed a new set of laws called the 'Indian agriculture acts of 2020', also known as the Farm Bills, which the government says is necessary to modernize its agricultural industry.

UPDATE. Owners of popular QNAP Systems network attached storage devices are being warned that a malicious cryptocurrency campaign is actively exploiting two critical firmware bugs in systems that have not yet been patched. QNAP fixed the flaws in October 2020; however, researchers at Qihoo 360's Network Security Research Lab report a widening campaign targeting over 100 models used by 4.3 million of the company's NAS devices.

McAfee is changing owners again as part of a $4 billion all-cash transaction that includes the sale of its enterprise business unit. McAfee, based in San Jose, Calif., announced on Monday it was selling its enterprise operations Symphony Technology Group, a private equity firm that also owns security behemoth RSA Corp. The decision to shed the enterprise business follows a similar move by McAfee's traditional rival Symantec, which sold off its enterprise unit and rebranded as the NortonLifeLock consumer security brand.

McAfee will sell off its enterprise business to private equity firm Symphony Technology Group for $4bn in cash, the venerable security biz announced on Monday. After selling off its enterprise arm McAfee will focus on its consumer security business, using its wide brand recognition to grab more of the growing cybersecurity market.

Early last week, Microsoft revealed that a China-based group called Hafnium has been launching cyberattacks against organizations by exploiting four zero-day vulnerabilities in on-premises versions of its Exchange Server software. Calling this Microsoft Exchange/OWA hack a pretty elaborate attack, Michael Isbitski, Technical Evangelist at Salt Security, told TechRepublic that he suspects this will impact a lot of organizations still operating their own mail infrastructure rather than using a SaaS like Microsoft 365.

Microsoft is working on boosting Exchange Online phishing protection capabilities by adding support for external email message tags to its cloud-based email service. "This will be achieved by presenting a new tag on emails called 'External' in the message list," Microsoft explains in the Microsoft 365 roadmap.

Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. Unlike the malware used in the SolarWinds supply-chain attack [1, 2, 3], which was embedded in the Orion software builds from the developer, the Supernova web shell ended inside the platform after hackers exploited a critical vulnerability in product installations reachable over the public web.

Are those little bits of personal information that you give away in the background of home photos and video calls really worth worrying about? Watch directly on YouTube if the video won't play here.

Google Chrome will block the browser's access to TCP port 554 to protect against attacks using the NAT Slipstreaming 2.0 vulnerability. Last year, security researchers disclosed a new version of the NAT Slipstreaming vulnerability that allows malicious scripts to bypass a website visitor's NAT firewall and access any TCP/UDP port on the visitor's internal network.

Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims' companies.