Ransomware Takedowns Underscore Need for Private-Public Cybersecurity Collaboration
2021-03-05 15:15

There are the obvious cybersecurity implications of disrupting what's been called the "most dangerous malware in the world," but it's also a strong reminder of the importance of public and private collaboration in fighting cybercrime. All of these cases are perfect examples of the need for increased coordination when it comes to cybersecurity.

Microsoft: Exchange updates can install without fixing vulnerabilities
2021-03-05 15:12

Due to the critical nature of recently issued Microsoft Exchange security updates, admins need to know that the updates may have installation issues on servers where User Account Control is enabled. Microsoft has added these warnings to all Exchange security updates released throughout the last few years.

Multiple Airlines Impacted by Data Breach at Aviation IT Firm SITA
2021-03-05 14:42

SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack that appears to have impacted multiple airlines around the world. SITA said on Thursday that the attack, which it described as "highly sophisticated," affected certain passenger data stored on servers of SITA Passenger Service System Inc., which operates passenger processing systems for airlines.

Ongoing phishing attacks target US brokers with fake FINRA audits
2021-03-05 13:28

The US Financial Industry Regulatory Authority has issued a regulatory notice warning US brokerage firms and brokers of an ongoing phishing campaign using fake compliance audit alerts to harvest information. The domain used in these ongoing phishing attacks was registered just two days ago, on March 3rd, using the NameCheap domain name registrar.

NSA, DHS Issue Guidance on Protective DNS
2021-03-05 13:17

The U.S. National Security Agency and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency this week published joint guidance on Protective DNS. Designed to translate domain names into IP addresses, the Domain Name System is a key component of Internet and network communications. Protective DNS was designed as a security service that leverages the DNS protocol and infrastructure for the analysis of DNS queries and mitigation of possible threats.

Report: Russian Hackers Exploit Lithuanian Infrastructure
2021-03-05 12:54

Hacker groups linked to Russian intelligence conducted cyber-attacks against top Lithuanian officials and decision-makers last year and used the Baltic nation's technology infrastructure as a base to hit targets elsewhere, a report by Lithuania's intelligence service said Thursday. The annual national security threat assessment report claimed that, among others, the Russian cyber-espionage group APT29 with alleged links to Russia's intelligence services "exploited" Lithuania's information technology infrastructure "to carry out attacks by APT29 against foreign entities developing a COVID-19 vaccine."

Supermicro, Pulse Secure Respond to Trickbot's Ability to Target Firmware
2021-03-05 12:17

Server and storage technology giant Supermicro and secure access solutions provider Pulse Secure have issued advisories to inform users that some of their products are vulnerable to the Trickbot malware's ability to target firmware. In early December, security researchers at Advanced Intelligence and enterprise device security firm Eclypsium revealed that Trickbot not only survived a takedown attempt, but also gained the ability to scan UEFI/BIOS firmware for vulnerabilities that would allow making modifications.

Threat Model Humor
2021-03-05 12:03

At a hospital.

Three New Malware Strains Linked to SolarWinds Hackers
2021-03-05 11:39

Microsoft and cybersecurity firm FireEye on Thursday published blog posts detailing several new pieces of malware that they believe are linked to the hackers behind the supply chain attack targeting Texas-based IT management solutions provider SolarWinds. Microsoft has started tracking the threat actor behind the SolarWinds attack as NOBELIUM. The company has identified three new pieces of malware that it believes are used by the group after they have compromised the targeted organization's network.

While Reg readers know the difference between a true hacker and cyber-crook, for everyone else, hacking means illegal activity
2021-03-05 11:00

For the wider population, hacking has become synonymous with nefarious activities because - for the vast majority of people who experience it - it's in a criminal context. Regular Register readers can differentiate between criminal hackers who break the law and ruin people's lives, and hardware and software hackers who ingeniously lash together systems and perform miracles to get things running.