Security News > 2021

Federal law enforcement is now looking into a cyberattack at a water treatment plant in Oldsmar, FL where someone was able to remotely access systems and add a dangerous amount of chemicals to the town's water supply. On Monday, Pinellas County Sheriff Bob Gualtieri explained during a press conference that an employee at Oldsmar's water treatment facility saw his mouse moving independently of him on Friday morning but thought nothing of it-it's common for people in the field to remotely access systems through their TeamViewer software.

Polish video game maker CD Projekt RED, the company behind The Witcher and Cyberpunk 2077, said Tuesday hackers had stolen data in a "Targeted cyber attack". "An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note," the company said on Twitter.

A newly discovered variant of the LodaRAT malware, which has historically targeted Windows devices, is being distributed in an ongoing campaign that now also hunts down Android devices and spies on victims. Along with this, an updated version of LodaRAT for Windows has also been identified; both versions were seen in a recent campaign targeting Bangladesh, researchers said.

UPDATE. CD Projekt Red, the videogame-development company behind Cyberpunk 2077 and the wildly popular Witcher series, has suffered a ransomware attack that could soon result in troves of company data being dumped online - including game source code. The news comes on the heels of weeks of controversy over the company's blockbuster release of Cyberpunk 2077, which suffered glitches and console problems that engendered high levels of dissatisfaction among fans, who had waited more than a year for the much-hyped giant sandbox game.

Managed security services are undergoing a timely and significant transformation, armed with new hyperscalable technology stacks, hybrid enterprise and cross-cloud protection complexities, and a demand to evolve from 24/7 eyes-on-glass into hands-on customer-integrated early warning and response. That transformation of traditional managed security services provider offerings, combined with an explosion of software product vendors and consulting services providers entering the fray with their newly hybridized managed detection and response solutions, is confusing to many.

Following a two-year downtime, an Iran-linked cyberespionage operation has recommenced with new second-stage malware and with an updated variant of the Infy malware, according to joint research conducted by cybersecurity firms SafeBreach and Check Point. Evidence suggests the operation started as early as 2007 - it was one of the earliest Iranian campaigns discovered - but it was initially detailed in 2016, while the next year it also involved the use of a piece of malware called Foudre, which by 2018 had already been updated eight times.

A VPN provides two basic services: Encrypting data between two points and hiding a user's IP address, as David Gewirtz explains on ZDNet. IT teams should consider how a VPN could affect latency, according to Gurinaviciute, as sending encrypted traffic can slow the overall flow.

Online criminals have increasingly targeted Remote Desktop Protocol connections over the past year, according to infosec biz ESET. During calendar 2020, ESET recorded what it said was a 768 per cent increase in attack attempts on RDP, a key Windows feature for remote working, during the course of the year. Roman Kováč, ESET's chief research officer, said in a statement: "RDP security is not to be underestimated especially due to ransomware, which is commonly deployed through RDP exploits, and, with its increasingly aggressive tactics, poses a great risk to both private and public sectors."

North Korea has modernized its nuclear weapons and ballistic missiles by flaunting United Nations sanctions, using cyberattacks to help finance its programs and continuing to seek material and technology overseas for its arsenal, U.N. experts said. The panel recommended that the Security Council impose sanctions on four North Korean men: Choe Song Chol, Im Song Sun, Pak Hwa Song, and Hwang Kil Su. The Security Council has imposed increasingly tough sanctions on North Korea since its first test explosion of a nuclear device in 2006.

An update released last week by Mozilla for Firefox 85 patches a critical information disclosure vulnerability that can be chained with other security flaws to achieve arbitrary code execution. In its advisory for the vulnerability - the bug currently does not have a CVE identifier - Mozilla described it as a "Buffer overflow in depth pitch calculations for compressed textures." The issue, reported by researchers Abraruddin Khan and Omair through Trend Micro's Zero Day Initiative, apparently only impacts Firefox running on Windows - other operating systems are not affected.