PoC Exploit Released for Unpatched Flaw Affecting Chromium-Based Browsers
2021-04-13 12:32

A researcher has made public a proof-of-concept exploit for a recently discovered vulnerability affecting Chrome, Edge and other Chromium-based web browsers. On April 7, at the Pwn2Own 2021 hacking competition, Bruno Keith and Niklas Baumstark of Dataflow Security earned $100,000 for a remote code execution exploit that works against web browsers that are based on Google's open source Chromium project.

Small Kansas Water Utility System Hacking Highlights Risks
2021-04-13 12:01

A former Kansas utility worker has been charged with remotely tampering with a public water system's cleaning procedures, highlighting the difficulty smaller utilities face in protecting against hackers. Wyatt Travnichek, 22, was charged last month with remotely accessing the Post Rock Rural Water District's systems in March 2019, about two months after he quit his job with the utility.

Detecting the "Next" SolarWinds-Style Cyber Attack
2021-04-13 10:21

This piece covers developing SIEM rules, using the SolarWinds attack as an example. For the SolarWinds Sunburst attack, as for many other attacks, Cymulate Sigma Rules are queries that search for the attack's indicators of behavior (IOBs).

Average convicted British computer criminal is young, male, not highly skilled, researcher finds
2021-04-13 09:27

An academic researcher has analysed more than 100 Computer Misuse Act cases to paint a picture of the sort of computer-enabled criminals who not only plagued Great Britain's digital doings in the 21st Century but were also caught by the plod. The average Computer Misuse Act convict is likely to be a semi- or low-skilled individual, mostly working alone and more likely than not to have no knowledge of his or her victim, James Crawford of Royal Holloway, University of London, found.

XDR and MDR: What’s the difference and why does it matter?
2021-04-13 05:30

Simply put, XDR encompasses more than one type of detection, but it can be as little as two in some cases. XDR promises to make security teams more efficient, productive and effective via centralized historic and real-time event data in common formats, and with scalable, high-performance storage, fast-indexed searches and automation-driven responses.

New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices
2021-04-13 05:24

Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system. "These vulnerabilities relate to Domain Name System implementations, causing either Denial of Service or Remote Code Execution, allowing attackers to take target devices offline or to take control over them," the researchers said.

How to address post-pandemic infrastructure pain points
2021-04-13 05:00

The coronavirus pandemic accelerated trends that had slowly been changing businesses everywhere, transforming remote work from a perk to a necessity and sending even more of our data, applications, and day-to-day activities into the cloud. The most obvious pain point that many organizations are working through is how to manage workforce transformation, specifically when it comes to authenticating and monitoring remote user identities.

Hackers Using Website's Contact Forms to Deliver IcedID Malware
2021-04-13 04:51

Microsoft has warned organizations of a "unique" attack campaign that abuses contact forms published on websites to deliver malicious links to businesses via emails containing fake legal threats, in what's yet another instance of adversaries abusing legitimate infrastructure to mount evasive campaigns that bypass security protections. IcedID is a Windows-based banking trojan that's used for reconnaissance and exfiltration of banking credentials, alongside features that allow it to connect to a remote command-and-control server to deploy additional payloads such as ransomware and malware capable of performing hands-on-keyboard attacks, stealing credentials, and moving laterally across affected networks.

New DNS vulnerabilities have the potential to impact millions of devices
2021-04-13 04:30

Forescout Research Labs, in partnership with JSOF, disclosed a new set of DNS vulnerabilities, dubbed NAME:WRECK. These vulnerabilities affect four popular TCP/IP stacks - namely FreeBSD, IPnet, Nucleus NET and NetX - which are commonly present in well-known IT software and popular IoT/OT firmware and have the potential to impact millions of IoT devices around the world. More than 180,000 devices in the U.S. and more than 36,000 devices in the UK are believed to be affected.