Security News > 2021

Click Here to Kill Everybody Sale
2021-01-15 18:26

For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping. Note that I have had occasional problems with international shipping. The...

The Week in Ransomware - January 15th 2021 - Locking you up
2021-01-15 17:37

It has been another quiet week for ransomware, though we did have some interesting stories come out this week. Other interesting news includes Intel's announcement that its new vPro chips will have built-in hardware ransomware detection and BitDefender's release of a decryptor for the DarkSide ransomware.

Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls
2021-01-15 17:02

Apple has removed a contentious macOS feature that allowed some Apple apps to bypass content filters, VPNs and third-party firewalls. The feature, first uncovered in November in a beta release of macOS Big Sur, was called "ContentFilterExclusionList" and included a list of at least 50 Apple apps, including Maps, Music, FaceTime, the App Store and its software update service.

How next-gen cloud SIEM tools can give critical visibility to companies for effective threat hunting
2021-01-15 16:39

When the move to the cloud was dramatically exacerbated by companies rapidly shifting to remote work, these tools fell short of supplying clear visibility into multiple environments and technology layers. The need to quickly adapt and scale to the new reality provided the perfect opportunity to accelerate the push to cloud, but outdated traditional security information and event management tools are not able to efficiently collect and process the high volume of telemetry generated by the multiple cloud services adopted as part of this push.

Google to kill Chrome Sync feature in third-party browsers
2021-01-15 16:20

Google says that it will block third-party Chromium web browsers from using private Google APIs after discovering that they were integrating them although they're intended to be used only in Chrome. This is because many of the Google APIs included in the Chromium code are specific only to Google Chrome and are not intended to be integrated and used by the users of derived Chromium products.

Google Boots 164 Apps from Play Marketplace for Shady Ad Practices
2021-01-15 16:19

Google has removed 164 apps, downloaded a total of 10 million times, from its Google Play marketplace because they were delivering "disruptive" ads, considered malicious. The problem continues to plague Google despite numerous efforts by the company to prevent "malicious developers" from submitting their apps to its Google Play marketplace.

Microsoft Reminds Organizations of Upcoming Phase in Patching Zerologon Vulnerability
2021-01-15 14:57

Microsoft this week published a reminder for organizations that a February 9 security update will kick off the second phase of patching for the Zerologon vulnerability. Tracked as CVE-2020-1472 and addressed on August 2020 Patch Tuesday, the critical vulnerability was identified in the Microsoft Windows Netlogon Remote Protocol and can be abused to compromise Active Directory domain controllers and gain admin access.

Windows Finger command abused by phishing to download malware
2021-01-15 14:34

Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices. This week, security researcher Kirk Sayre found a phishing campaign utilizing the Finger command to download the MineBridge backdoor malware.

Facebook Takes Legal Action Against Data Scrapers
2021-01-15 13:56

Facebook on Thursday announced that it took legal action against two individuals for scraping data from its website. In a lawsuit filed in Portugal, Facebook Inc. and Facebook Ireland seek a permanent injunction against the two for violation of the social media platform's terms of service and Portugal's Database Protection Law.

Hackers leaked altered Pfizer data to sabotage trust in vaccines
2021-01-15 13:43

The European Medicines Agency today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public's trust in COVID-19 vaccines. EMA is the decentralized agency that reviews and approves COVID-19 vaccines in the European Union, and the agency that evaluates, monitors, and supervises any new medicines introduced to the EU. "The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines have been leaked on the internet," the agency disclosed today.