Week in review: Top 10 most exploited vulns, SMB ransomware extortion, Patch Tuesday forecast
2021-02-07 08:55

SolarWinds Orion exploited by another group of state-sponsored hackers
Another group of state-sponsored hackers has exploited the ubiquity of SolarWinds software to target US government agencies, Reuters reported on Tuesday.

February 2021 Patch Tuesday forecast: The human communication aspect
We spend a lot of time each month discussing the technical details surrounding vulnerabilities, software updates, and the tools we use for patch management in our organizations.

Mozilla fixes Windows 10 NTFS corruption bug in Firefox
2021-02-06 20:07

Mozilla has released Firefox 85.0.1, which includes a fix that prevents a Windows 10 NTFS corruption bug from being triggered from the browser. Last month, BleepingComputer reported that a bug in Windows 10 and Windows XP allows non-privileged users to mark an NTFS volume as dirty.

The Great Suspender Chrome extension's fall from grace
2021-02-06 16:49

Google has forcibly uninstalled the immensely popular 'The Great Suspender' extension from Google Chrome and classified it as malware. The Great Suspender is a Chrome extension that suspends unused tabs and unloads their resources to decrease the browser's memory usage.

This Flash Player emulator lets you securely play your old games
2021-02-06 14:05

A Flash Player emulator called 'Ruffle' allows you to play your archived Flash games without fear of being attacked as you browse the web. Later that month, a kill switch in Adobe Flash Player came alive that prevents Flash content in the player.

WARNING — Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware
2021-02-06 02:30

Google on Thursday removed The Great Suspender, a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware. "The old maintainer appears to have sold the extension to parties unknown, who have malicious intent to exploit the users of this extension in advertising fraud, tracking, and more," Calum McConnell said in a GitHub post.

The Week in Ransomware - February 5th 2021 - Data destruction
2021-02-05 23:33

This week we saw a few large scale attacks and various ransomware reports indicating ransom payments are falling, while attacks are increasingly destroying data permanently. For some good news, a Fonix ransomware decryptor was released this week by Kaspersky that allows victims to recover their files for free.

Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks
2021-02-05 23:28

A new distributed denial-of-service attack vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline. "Plex's startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks," Netscout researchers said in a Thursday alert.

New Chrome Browser 0-day Under Active Attack—Update Immediately!
2021-02-05 23:03

Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild. While it's typical of Google to limit details of the vulnerability until a majority of users are updated with the fix, the development comes weeks after Google and Microsoft disclosed attacks carried out by North Korean hackers against security researchers with an elaborate social engineering campaign to install a Windows backdoor.

Industrial Networks See Sharp Uptick in Hackable Security Holes
2021-02-05 22:21

The report analyzed all publicly disclosed vulnerabilities in ICS networks in the second half of 2020 and found a nearly 33 percent increase in ICS disclosures over 2018, both from organizations like Claroty and from independent researchers. "There has been a shift towards ICS research with strong growth in security research groups for this second biannual report, as more organizations try and understand the new attack landscape," Amir Preminger, vice president of research at Claroty, explained to Threatpost.

Unpatched WordPress Plugin Code-Injection Bug Afflicts 50K Sites
2021-02-05 22:20

A security bug in Contact Form 7 Style, a WordPress plugin installed on over 50,000 sites, could allow for malicious JavaScript injection on a victim website. The latest WordPress plugin security vulnerability is a cross-site request forgery to stored cross-site scripting problem in Contact Form 7 Style, which is an add-on to the well-known Contact Form 7 umbrella plugin.