Security News > 2021

A sub-group of the 'Molerats' threat-actor has been using voice-changing software to successfully trick targets into installing malware, according to a warning from Cado Security. In recent attacks targeting political opponents, APT-C-23 appears to have taken the spear-phishing to a new level, through the use of voice-changing software to pose as women.

The United States Department of Defense this week announced the launch of a new vulnerability disclosure program on HackerOne to identify vulnerabilities in Defense Industrial Base contractor networks. Running as a pilot, the Defense Industrial Base Vulnerability Disclosure Program covers participating DoD contractor partner's information systems and web properties, as well as other assets within scope, and is separate from the DoD vulnerability disclosure program that already runs on HackerOne.

Ireland's Data Protection Commission is investigating a massive data leak concerning a database containing personal information belonging to more than 530 million Facebook users. "Previous datasets were published in 2019 and 2018 relating to a large-scale scraping of the Facebook website which at the time Facebook advised occurred between June 2017 and April 2018 when Facebook closed off a vulnerability in its phone lookup functionality," the DPC said.

With the acceleration of digital transformation and convergence of IT and operational technology networks, Internet of Things and Industrial IoT devices are becoming essential tools for companies in sectors including oil and gas, energy, utilities, manufacturing, pharmaceuticals, and food and beverage. To address the rising use and risk associated with IoT devices, the IoT Cybersecurity Improvement Act was officially signed into law on December 4, 2020.

UPDATE. The Conti Gang has demanded a $40 million ransom from a Fort Lauderdale, Fla., school district after a ransomware attack last month. New details have emerged on DataBreaches.net, which recently posted a screenshot of a chat between attackers and a school district official about the sum of money attackers demanded.

The UK Cyber Security Council announced itself to the public realm last week by touting a domain it doesn't own. A brainchild of the Department for Digital, Culture, Media and Sport, the UK Cyber Security Council is billed by government as "The regulatory body, and voice, for UK cyber security education, training and skills." As part of that it "Drives progress towards meeting the key challenges the profession faces."

A report released Tuesday by Palo Alto Networks threat intelligence team Unit 42 examines how the cloud migration has affected security and what organizations can do to better protect themselves. The rise in security incidents has been triggered in part by the inability of many organizations to automate cloud security.

In a press conference detailing the report, Onapsis CEO Mariano Nunez said that the company confirmed over 300 exploitations, more than 107 hands-on attacks and seven tracked threat vectors in 18 countries, based on "Direct observation of threat activity." The data is not based on the exploitation of SAP customers' environments, Nunez added. SAP and Onapsis stressed that they are not aware of known customer breaches related to this research.

Secure access service edge and network-as-a-service provider Perimeter 81, announced Tuesday a new Firewall-as-a-Service offering designed to enhance the company's SASE platform. Perimeter 81's Network Traffic Control offering is aimed at securing the network perimeter and builds upon the company's SASE offering, which includes its Zero Trust Network Access, Zero Trust Application Access, and DNS Filtering products.

Threat actors are targeting mission-critical SAP applications unsecured against already patched vulnerabilities, exposing the networks of commercial and government organizations to attacks. SAP and cloud security firm Onapsis warned of these ongoing attacks today, and have worked in partnership with the Cybersecurity and Infrastructure Security Agency and Germany's cybersecurity agency BSI to warn SAP customers to deploy patches and survey their environments for unsecured apps.