Ryuk ransomware now self-spreads to other Windows LAN devices
2021-02-26 17:37

A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims' local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021. To propagate itself over the local network, the new Ryuk variant lists all the IP addresses in the local ARP cache and sends what looks like Wake-on-LAN packets to each of the discovered devices.

Malware Gangs Partner Up in Double-Punch Security Threat
2021-02-26 16:22

Cybergangs are joining forces under the guise of affiliate groups and "as-a-service" models, warns Maya Horowitz, the director of threat intelligence research with Check Point Research. Several malware gangs have paired up over the past year - such as the FIN6 cybercrime group and the operators of the TrickBot malware.

Security, Privacy Issues Found in Tens of COVID-19 Contact Tracing Apps
2021-02-26 15:40

An analysis of 40 COVID-19 contact tracing applications for Android has led to the discovery of numerous security and privacy issues, according to a new research paper. Contact tracing applications have been created to help authorities automate the process of identifying those who have been in close contact with infected individuals.

Malicious Firefox extension allowed hackers to hijack Gmail accounts
2021-02-26 15:09

Several Tibetan organizations were targeted in a cyber-espionage campaign by a state-backed hacking group using a malicious Firefox extension designed to hijack Gmail accounts and infect victims with malware. The Chinese state hackers also infected victims with the Scanbox malware reconnaissance framework, which allowed them to harvest their targets' data and log their keystrokes.

Microsoft Releases Open Source Resources for Solorigate Threat Hunting
2021-02-26 13:42

Microsoft on Thursday announced the open source availability of CodeQL queries that it used during its investigation into the SolarWinds attack. The company has released the source code of CodeQL queries, which it used to analyze its code at scale and identify any code-level indicators of compromise associated with Solorigate.

Podcast: Ransomware Attacks Exploded in Q4 2020
2021-02-26 13:36

Ransomware attacks continue to plague companies, with researchers from Fortinet's Fortiguard Labs saying they saw an explosion in ransomware activity towards the end of the fourth quarter of 2020. According to Fortinet's new "FortiGuard Labs Threat Report: Disruption Key Threat Trend in 2020," released this week, researchers saw a seven-times increase in Q4 in ransomware activity across various families - from Ryuk to Egregor.

Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World
2021-02-26 13:25

Target paid the largest data breach settlement in history back in 2017, after hackers obtained confidential payment information of more than 41 million customers. Merchants dealing with sensitive data submitted online such as credit card payment information will want to protect their business from potential POS system intrusions.

The Problem with Treating Data as a Commodity
2021-02-26 12:28

Treating data like it is property fails to recognize either the value that varieties of personal information serve or the abiding interest that individuals have in their personal information even if they choose to "sell" it. Any system of information rights - whether patents, copyrights, and other intellectual property, or privacy rights - presents some tension with strong interest in the free flow of information that is reflected by the First Amendment.

Google looks at bypass in Chromium's ASLR security defense, throws hands up, won't patch garbage issue
2021-02-26 11:58

In early November, a developer contributing to Google's open-source Chromium project reported a problem with Oilpan, the garbage collector for the browser's Blink rendering engine: it can be used to break a memory defense known as address space layout randomization. About two weeks later, Google software security engineer Chris Palmer marked the bug "WontFix" because Google has resigned itself to the fact that ASLR can't be saved - Spectre and Spectre-like processor-level flaws can defeat it anyway, whether or not Oilpan can be exploited.

Unprotected Private Key Allows Remote Hacking of Rockwell Controllers
2021-02-26 11:54

Industrial organizations have been warned this week that a critical authentication bypass vulnerability can allow hackers to remotely compromise programmable logic controllers made by industrial automation giant Rockwell Automation. The vulnerability, tracked as CVE-2021-22681 with a CVSS score of 10, was independently reported to Rockwell by researchers at the Soonchunhyang University in South Korea, Kaspersky, and industrial cybersecurity firm Claroty.