Security News > 2021

Microsoft has released its latest biannual digital trust reports on the Microsoft Reports Hub. The tech giant also released its latest Microsoft Privacy Report with this larger group of reports.

Multiple vulnerabilities in the OpENer stack could be exploited in attacks aimed at supervisory control and data acquisition and other industrial systems that use OpENer. Maintained by EIPStackGroup and designed for I/O adapter devices, the OpENer EtherNet/IP stack offers support for multiple I/O and explicit connections, implements the ENIP and CIP industrial protocols, and is highly popular among major SCADA vendors.

Positive Technologies has hit back at the US government's "Groundless accusations" that it helped the Russian state carry out cyber attacks against the West - by highlighting how "Government agencies of different countries" use its products. Yesterday the US Treasury declared that Positive was selling weaponised infosec tech to the Russian government and ran recruiting events for state hacking agencies, which some Western news outlets have interpreted as meaning the company's flagship Positive Hack Days events.

Codecov online platform for hosted code testing reports and statistics announced on Thursday that a threat actor had modified its Bash Uploader script, exposing sensitive information in customers' continuous integration environment. Codecov provides tools that help developers measure how much of the source code executes during testing, a process known as code coverage, which indicates the potential for undetected bugs being present in the code.

Microsoft has had a busy six months if its latest biannual digital trust report is anything to go by as law enforcement agencies crept closer to making 25,000 legal requests. Requests for consumer data reached 24,798 during the second half of 2020, up from 24,093 during the previous six-month period, and quite a jump from the 21,781 for the same period in 2019.

One big reason: Ransomware rackets are dominated by Russian-speaking cybercriminals who are shielded - and sometimes employed - by Russian intelligence agencies, according to security researchers, U.S. law enforcement, and now the Biden administration. On Thursday, as the U.S. slapped sanctions on Russia for malign activities including state-backed hacking, the Treasury Department said Russian intelligence has enabled ransomware attacks by cultivating and co-opting criminal hackers and giving them safe harbor.

A critical vulnerability patched recently by networking and cybersecurity solutions provider Juniper Networks could allow an attacker to remotely hijack or disrupt affected devices. In a security advisory published this week, Juniper said the vulnerability can be exploited by a remote, unauthenticated attacker for arbitrary code execution or to trigger a partial denial of service condition on the targeted device.

Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses can identify and clear ProxyLogon Microsoft Exchange infections. The Small-to-Medium Business Microsoft Exchange Checklist Is This Checklist for Me? The four vulnerabilities described in Microsoft's communications to date do not appear to affect Exchange Online or Office 365 services.

An expired certificate has led to the repeated removal of linked American Express credit cards from user's Google Pay accounts. Starting yesterday, Google Pay users with linked American Express cards began receiving emails that Google removed their linked Amex card.

U.S. authorities revealed this week that the FBI executed a court-authorized cyber operation to remove malicious web shells from hundreds of compromised Microsoft Exchange servers located in the United States. "The effort by the FBI, as described in the Justice Department press release, amounts to the FBI gaining access to private servers. Just that should be a full stop that the action is not ok. While I understand the good intention - the FBI wants to remove the backdoor - this sets a dangerous precedent where law enforcement is given broad permission to access private servers."