Security News > 2021

A report released Wednesday by security firm GreatHorn looks at the risks of email attachments and suggests ways to defend your organization against such malicious payloads. Based on a survey of 256 cybersecurity professionals conducted in the U.S. in late March, the report found that 52% of them are most concerned with malicious payloads being delivered via email, while 47% are most worried about such payloads being delivered by a hyperlink within an email.

The question is, when does a cyberattack cross the line between a criminal action or mere prank, to an act of war? Is it the nature of the victim? The nature of the attacker? The nature of the damage? Or a combination of them all? Oxford's Reference Dictionary defines an act of war as: "An act by one nation intended to initiate or provoke a war with another nation; an act considered sufficient cause for war." That's a good definition, but it leaves some ambiguity when applied to the realm of cybersecurity.

A vulnerability impacting Fortinet VPNs is being exploited by a new human-operated ransomware strain known as Cring to breach and encrypt industrial sector companies' networks. The Cring operators drop customized Mimikatz samples, followed by CobaltStrike after gaining initial access and deploy the ransomware payloads by downloading using the legitimate Windows CertUtil certificate manager to bypass security software.

Malware disguised as a Netflix app, lurking on the Google Play store, spread through WhatsApp messages, researchers have discovered. According to a Check Point Research analysis released on Wednesday, the malware masqueraded as an app called "FlixOnline," which advertised via WhatsApp messages promising "2 Months of Netflix Premium Free Anywhere in the World for 60 days." But once installed, the malware sets about stealing data and credentials.

Open source security management company WhiteSource on Wednesday announced that it has raised $75 million in a Series D funding round. The latest round, which brings the total raised by WhiteSource to more than $120 million, was led by Pitango Growth, with participation from M12, Susquehanna Growth Equity, and 83North.

Threat actors are leveraging the supply chain to deliver various types of threats to organizations, and few of them are spared from such attacks, according to a new report from enterprise security company Proofpoint. During a seven-day window in February 2021, out of a total of 3,000 monitored organizations, Proofpoint reports that a whopping 98 percent were hit with a form of assault leveraging compromised supplier accounts and supplier impersonation.

Security researchers note an increase in alternative methods to steal data from phishing attacks, as scammers obtain the stolen info through Google Forms or private Telegram bots. Email remains the preferred method to exfiltrate stolen info but these channels foreshadow a new trend in the evolution of phishing kits.

Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor's update server in a supply-chain attack. Gigaset is a German manufacturer of telecommunications devices, including a series of smartphones running the Android operating system.

Researchers have discovered new Android malware that uses Netflix as its lure and spreads malware via auto-replies to received WhatsApp messages. The discovery was reported to Google, and the malware - dubbed FlixOnline - has been removed from Google Play; but the researchers expect the methodology to return and be reused in other malware.

Researchers have discovered new Android malware that uses Netflix as its lure and spreads malware via auto-replies to received WhatsApp messages. read more