Security News > 2021

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw
2021-01-06 16:40

Security experts are warning that hackers are ramping up attempts to exploit a high-severity vulnerability that may still reside in over 100,000 Zyxel Communications products. Zyxel, a Taiwanese manufacturer of networking devices, on Dec. 23 warned of the flaw in its firmware and released patches to address the issue.

US government fingers Russia for SolarWinds-based cyberattack
2021-01-06 16:18

The United States has pinned the blame on Russia for a devastating cyberattack campaign that has hit government agencies and corporations across the country. In a joint statement, the agencies said that the work "indicates that an Advanced Persistent Threat actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks." Further, the group said it believes the incident was designed as an intelligence gathering effort, which means a surveillance operation aimed at finding confidential and sensitive information.

Microsoft makes the Windows 10 File Recovery tool easier to use
2021-01-06 15:56

Microsoft released today a new simplified version of the Windows File Recovery tool to test on the latest Windows 10 Insider build. In June, we reported that Microsoft quietly released a new file recovery tool on the Microsoft Store called 'Windows File Recovery' that allows you to recover mistakenly deleted files from your hard drives, USB drives, and SD cards.

SoftMaker Office Vulnerabilities Allow Code Execution via Malicious Documents
2021-01-06 15:12

Vulnerabilities discovered by Cisco Talos researchers in SoftMaker Office can be exploited for arbitrary code execution by creating malicious documents and tricking victims into opening them. A German software developer, SoftMaker Software GmbH offers individuals and enterprises a popular office software suite that includes word processing, spreadsheet, presentation, and database software components.

Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack
2021-01-06 15:05

The U.S. government has identified Russia as the "likely" culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which the feds characterized as ongoing.

U.S. Government Announces 'Hack the Army 3.0' Bug Bounty Program
2021-01-06 14:07

The U.S. government on Wednesday announced the launch of another bug bounty program conducted in collaboration with hacker-powered cybersecurity platform HackerOne. Hack the Army 3.0, whose goal is to help the U.S. Army secure its digital assets and protect its systems against cyberattacks, takes place between January 6 and February 17, and it's open to both military and civilian white hat hackers.

SolarWinds hackers had access to over 3,000 US DOJ email accounts
2021-01-06 14:05

The US Department of Justice said that the attackers behind the SolarWinds supply chain attack have gained access to roughly 3% of the department's Office 365 email inboxes. The Justice Department currently employs over 115,000 people [1, 2], which translates to around 3450 potentially breached mailboxes.

Windows 10 gets Google Discover-like news recommendation feature
2021-01-06 13:00

Microsoft is rolling out a new Windows 10 feature to Insiders called 'News and Interests' that displays a taskbar flyout with recommended news stories, sports scores, and weather information. Similar to Google Discover, the Windows 10 'News and Interests' feature will build a profile of a user's interests to display matching news stories and articles.

Class Action Lawsuit Filed Against SolarWinds Over Hack
2021-01-06 12:08

A class action lawsuit was filed on behalf of SolarWinds investors this week over the cybersecurity breach suffered by the Texas-based IT management solutions provider. The complaint names SolarWinds, as well as Kevin Thompson, who served as the company's CEO until just days before the incident was disclosed, and Barton Kalsu, executive VP and CFO of SolarWinds.

Backdoor in Zyxel Firewalls and Gateways
2021-01-06 11:44

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. Installing patches removes the backdoor account, which, according to Eye Control researchers, uses the "Zyfwp" username and the "PrOw!aN fXp" password.