Security News > 2021

Understanding the nature of the latest threats can help you identify shifts in tactics and techniques, prioritize security resources and test the most likely scenarios, says IBM X-Force. In a report released Wednesday, security arm IBM X-Force describes some of the latest threats that have surfaced and offers advice on how to protect your organization against them.

Four members of Five Eyes, in collaboration with Singapore as an active contributor, have issued a joint security advisory about ongoing attacks and extortion attempts targeting organizations using the Accellion File Transfer Appliance. Besides providing indicators of compromise and mitigation measures for those who still use the vulnerable Accellion FTA software, the alliance members also warned of attackers extorting breached orgs under the threat of leaking sensitive information stolen from the Accellion appliance.

Four members of Five Eyes, in collaboration with Singapore as an active contributor, have issued a joint security advisory about ongoing attacks and extortion attempts targeting organizations using the Accellion File Transfer Appliance. Besides providing indicators of compromise and mitigation measures for those who still use the vulnerable Accellion FTA software, the alliance members also warned of attackers extorting breached orgs under the threat of leaking sensitive information stolen from the Accellion appliance.

According to a Tuesday report by Cofense, which analyzed millions of emails related to various attacks, 57 percent were phishing emails aiming to steal victim usernames and passwords. The remainder of malicious emails were utilized in business email compromise attacks or for malware delivery.

A total of 15 threat groups have been observed targeting industrial organizations, according to industrial cybersecurity firm Dragos. Dragos on Wednesday released its ICS Cybersecurity Year in Review report for 2020, which covers the industrial control systems threat landscape and vulnerabilities disclosed last year.

Released Wednesday by security software provider Netskope, the new "Cloud and Threat Report" looks at the vulnerabilities among cloud apps and offers 10 tips for organizations to better protect their online assets. The average number of cloud apps in use among enterprise companies rose by 20% last year, and cloud activity now accounts for 53% of secure web gateway traffic, Netskope said.

Kroger became the latest major company to announce a data breach, acknowledging in a statement that information from some current and former employees as well as customers of Kroger Health and Money Services were impacted by an attack on a third-party file transfer tool from Accellion. The company said it is in the process of contacting victims but confirmed that none of its IT systems or any grocery store systems or data were affected by the breach.

As browser-makers move to defang third-party cookies, marketers are increasingly switching to alternative tracking techniques. In 2019, Firefox was equipped with Enhanced Tracking Protection by default, blocking known trackers, third-party tracking cookies and cryptomining scripts.

Business jet maker Bombardier is the latest company to suffer a data breach by the Clop ransomware gang after attackers exploited a zero-day vulnerability to steal company data. Soon after BleepingComputer contacted the company about the data leak, Bombardier issued a press release stating that they suffered a breach after hackers stole data from their "File-transfer application."

The actor received the name LazyScripter and has been active since 2018, using phishing to target individuals seeking immigration to Canada for a job, airlines, and the International Air Transport Association. The researchers from Malwarebytes also found other examples where the attacker dropped other remote access trojans that are common to multiple hacking groups: LuminosityLink, RMS, Quasar, njRat, and Remcos.