Security News > 2021

It's something where by playing on those fears, by playing on those emotions, that's how a lot of these actors were able to be more successful on BEC. The most interesting thing with Cosmic Lynx is that with them doing that, they're able to ask for even higher amounts of money than we've seen with previous BEC actors. At the end of the day, that's the biggest thing we have to understand is we have to understand that business email compromise is just a symptom of something that we've been trying to track for the last 30 years.

Researchers at mobile security firm Lookout have published information on two recently discovered Android spyware families employed by an advanced persistent threat group named Confucius. For the past several years it also switched to mobile malware, with the first Android surveillanceware ChatSpy being observed in 2018.

Discord group-chatting platform originally built for gamers and has evolved to become a virtual watering hole for socializing. While planting malware in Discord is not a new activity, researchers discovered a number of novel campaigns using various known malware to lure gamers from within the platform.

Intel addressed 57 security vulnerabilities during this month's Patch Tuesday, including high severity ones impacting Intel Graphics Drivers. The security bugs are detailed in the 19 security advisories published by Intel on its Product Security Center, with security and functional updates being delivered to users through the Intel Platform Update process.

Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak Initial Sequence Number generation, and could be exploited to mount limited DoS attacks against the vulnerable devices, to inject malicious data on a device, or to bypass authentication.

President Joe Biden's administration has asked a US federal court to pause proceedings aimed at banning TikTok to allow for a fresh review of the national security threat from the popular Chinese-owned video app. The Trump administration move to ban downloads of TikTok and its presence on online networks had been stalled amid legal challenges.

An Azure customer was outraged after finding himself on the receiving end of an unexpected LinkedIn message from Ubuntu maker Canonical last night. Shortly after a message turned up from an Enterprise Development representative at Ubuntu with the ominous phrase: "I saw that you spun up an Ubuntu image in Azure," and offering to be a point of contact.

An Azure customer was outraged after finding himself on the receiving end of an unexpected LinkedIn message from Ubuntu maker Canonical last night. Shortly after a message turned up from an Enterprise Development representative at Ubuntu with the ominous phrase: "I saw that you spun up an Ubuntu image in Azure," and offering to be a point of contact.

Microsoft has fixed a privilege escalation vulnerability in Microsoft Defender Antivirus that could allow attackers to gain admin rights on unpatched Windows systems. Microsoft Defender Antivirus is the default anti-malware solution on over 1 billion systems running Windows 10 according to Microsoft's stats.

An analysis of 30 popular mobile health applications has revealed that all of them expose the full patient records of millions of people. With people increasingly relying on mHealth apps during the COVID-19 pandemic, researchers observed that such apps are now generating more user activities compared to other mobile apps.