Health Website Leaks 8 Million COVID-19 Test Results
2021-02-25 17:34

Another human-related error - this time a flaw in a health department website in the state of Bengal, India - has exposed the confidential results of COVID-19 tests as well as personally identifying information for an entire geographic region's population. Test results related to more than 8 million people potentially were exposed before the agency fixed the error, according to a security researcher.

Malicious Mozilla Firefox Extension Allows Gmail Takeover
2021-02-25 17:04

A newly uncovered cyberattack is taking control of victims' Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. FriarFox gives cybercriminals various types of access to users' Gmail accounts and Firefox browser data.

North Korean hackers find another new target: The defense industry
2021-02-25 16:49

Kaspersky security researchers have found evidence that the North Korean hacking collective known as Lazarus has added another target to its list of victims: the defense industry. Companies in more than a dozen countries have already been affected. As previously reported by TechRepublic, Lazarus started off 2021 by targeting security researchers with offers of collaborating on malware research, only to infect victims with malware that could cause the theft of sensitive security-related data.

VMware patches bug that put many large networks at risk
2021-02-25 16:29

VMware has fixed a serious flaw in its vCenter Server VMware utility that could have opened the door for hackers to remotely execute code on a vulnerable server. In a press release published Wednesday, Positive Technologies, which discovered and alerted VMware to the bug, said attackers could have exploited the vCenter Server bug to take over unpatched VMware servers and gain access to local network resources.

North Korean hackers target defense industry with custom malware
2021-02-25 16:14

A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. ThreatNeedle helped the Lazarus hackers to move laterally throughout the defense orgs' networks and harvest sensitive info that got exfiltrated to attacker-controlled servers using a custom tunneling tool via SSH tunnels to remote compromised South Korean servers.

Security concerns arise over popular Clubhouse app after ties to China-based company revealed
2021-02-25 15:35

Concerns have been raised about the security of audio data on the popular new social media app Clubhouse, according to reports from the Stanford Internet Observatory and McAfee's Advanced Threat Research team. Clubhouse did not respond to requests for comment from TechRepublic but previously told the Stanford Internet Observatory that due to concerns about data privacy breaches, the company initially banned the app from Chinese users.

Cisco Patches Severe Flaws in Network Management Products, Switches
2021-02-25 15:30

Cisco this week released patches for over a dozen vulnerabilities affecting multiple products, including three critical bugs impacting its ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. Also featuring a CVSS score of 9.8, the third critical flaw that Cisco patched this week affects Nexus 3000 and Nexus 9000 series switches.

TD Bank suffered systemwide banking outage, services now recovered
2021-02-25 15:23

TD Bank has recovered from a major IT systems outage today that prevented account holders from accessing their online bank accounts, using ATMs, or checking balances over the phone. The outage started at approximately 2 AM EST this morning and prevented TD Bank members from logging into their online accounts.

Cisco Warns of Critical Auth-Bypass Security Flaw
2021-02-25 14:45

A critical vulnerability in Cisco Systems' intersite policy manager software could allow a remote attacker to bypass authentication. The flaw stems from improper token validation on an API endpoint in Cisco's ACI MSO. "A successful exploit could allow the attacker to receive a token with administrator-level privileges that could be used to authenticate to the API on affected MSO and managed Cisco Application Policy Infrastructure Controller devices," said Cisco on Wednesday.