Security News > 2021

The OpenWrt project has revealed that an attacker has managed to access information about its online forum users over the weekend, by compromising the account of a forum administrator. The OpenWrt project oversees the development of OpenWrt, an open-source, Linux-based embedded operating system/firmaware for a variety of routers and gateways, which can also be used on smartphones, laptops and personal computers.

Anyvan, the European online marketplace that lets users buy delivery, transport or removal services from a network of providers, has confirmed it was the victim of a digital burglary that involved the theft of customers' personal data. The company wrote to customers mid-last week to inform them of a "Breach of security resulting in the unauthorised access to data from our user database," according to the email seen by The Register.

An active malicious campaign is currently targeting Linux devices running software with critical vulnerabilities that is powering network-attached storage devices or for developing web applications and portals. The purpose is to infect machines with vulnerable versions of the popular TerraMaster operating system, the Zend Framework, or Liferay Portal with FreakOut malware, which can help deploy a wide variety of cyberattacks.

Cybersecurity researchers have unearthed a fourth new malware strain-designed to spread the malware onto other computers in victims' networks-which was deployed as part of the SolarWinds supply chain attack disclosed late last year. "The discovery of Raindrop is a significant step in our investigation of the SolarWinds attacks as it provides further insights into post-compromise activity at organizations of interest to the attackers," Symantec researchers said.

SparkCognition and SkyGrid announced a new collaboration to deploy AI-powered cybersecurity directly on drones, protecting them from zero-day attacks during flight. Equipped with SparkCognition's DeepArmor cybersecurity product, SkyGrid is the first airspace management system to enable drone protection powered by AI. This approach provides more advanced airspace security than traditional anti-malware reliant on signatures of known threats.

In the wake of a cyberattack, Active Directory is sometimes dismissed as just another service that needs to be recovered, and security is an afterthought. Since Active Directory is used as a source from which to sync to other identity stores, any tampering with Active Directory can cause a devastating ripple effect across your identity infrastructure.

Dnsmasq, short for DNS masquerade, is a lightweight software with DNS forwarding capabilities used for locally caching DNS records, thus reducing the load on upstream nameservers and improving performance. If the malicious answer with the right transaction ID from the attacker arrives before the response from the authoritative server, then the DNS cache would be effectively poisoned, returning the attacker's chosen IP address instead of the legitimate address for as long as the DNS response was valid.

An ongoing malware campaign has been found exploiting recently disclosed vulnerabilities in network-attached storage devices running on Linux systems to co-opt the machines into an IRC botnet for launching distributed denial-of-service attacks and mining Monero cryptocurrency. Regardless of the vulnerabilities exploited, the end goal of the attacker appears to be to download and execute a Python script named "Out.py" using Python 2, which reached end-of-life last year - implying that the threat actor is banking on the possibility that that victim devices have this deprecated version installed.

The move toward managed security services has some distinct advantages but may also create security gaps for organizations relying on a provider to secure their data. Some recent studies also have found a gap between what organizations expect of their security tools and how they actually perform.

We built Pentest Robots to give infosec specialists more time to do work they enjoy, creating more value for their customers and advancing their professional growth. Scan your targets with robots to eliminate repetitive tasks, waiting times, and manual steps included in every pentest.