CISA adds 8 vulnerabilities to list of actively exploited bugs
2022-01-31 18:18

The US Cybersecurity & Infrastructure Security Agency has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they're a mix of old and new. The goal of publishing these vulnerabilities is to raise awareness and remind federal organizations of their obligation to apply security updates by a specified strict deadline.

NSO Group Pegasus Spyware Aims at Finnish Diplomats
2022-01-31 17:56

The controversial Pegasus spyware, developed by NSO Group, has been found on the devices of Finland's diplomatic corps serving outside the country as part of a wide-ranging espionage campaign, according to Finnish officials. Last summer, the Guardian newspaper published a report from journalists who reviewed data leaked from NSO Group that found 50,000 phone numbers they believe were being monitored for their clients, dating back to 2016, including Amnesty International employees, human rights lawyers and more.

Microsoft Office 365 to add better protection for priority accounts
2022-01-31 17:17

Microsoft is updating Microsoft Defender for Office 365 with differentiated protection for enterprise accounts tagged as critical for an organization. "We are introducing differentiated protection for Priority accounts, which will provide users tagged as Priority accounts with a higher level of protection," Microsoft explains on the Microsoft 365 roadmap.

Russian 'Gamaredon' hackers use 8 new malware payloads in attacks
2022-01-31 16:14

Researchers at Symantec's Threat Hunter team, a part of Broadcom Software, have analyzed eight malware samples used by Gamaredon against Ukrainian targets in recent attacks, which could provide essential information for defenders to protect against the ongoing wave of attacks. These files launched a VBS file that dropped "Pteranodon," a well-documented backdoor that Gamaredon has been developing and improving for almost seven years now.

277,000 routers exposed to Eternal Silence attacks via UPnP
2022-01-31 15:40

UPnP is a connectivity protocol optionally available in most modern routers that allows other devices on a network to create port forwarding rules on a router automatically. It is yet another technology that trades convenience for security, especially when the UPnP implementation is potentially vulnerable to attacks allowing remote actors to add UPnP port-forwarding entries via a device's exposed WAN connection.

Twelve-Year-Old Linux Vulnerability Discovered and Patched
2022-01-31 12:18

Linux users on Tuesday got a major dose of bad news - a 12-year-old vulnerability in a system tool called Polkit gives attackers unfettered root privileges on machines running most major distributions of the open source operating system. Previously called PolicyKit, Polkit manages system-wide privileges in Unix-like OSes.

Researchers Use Natural Silk Fibers to Generate Secure Keys for Strong Authentication
2022-01-31 07:09

A group of academics at South Korea's Gwangju Institute of Science and Technology have utilized natural silk fibers from domesticated silkworms to build an environmentally friendly digital security system that they say is "practically unbreachable." "The first natural physical unclonable function [] takes advantage of the diffraction of light through natural microholes in native silk to create a secure and unique digital key for future security solutions," the researchers said.

Why vulnerability scanners aren’t enough to prevent a ransomware attack on your business
2022-01-31 07:00

Given the rapidly increasing complexity of today's cyber threat landscape, these scanners are not enough to win the fight against an increasingly overwhelming volume of vulnerability alerts. Yes, vulnerability scanners are needed in most security toolkits.

Reducing the blast radius of credential theft
2022-01-31 06:30

Cybersecurity has come to be defined by identity, with almost every attack today revolving around gaining control of a user's identity as a means of accessing critical data and systems. More recently, the ransomware and data theft attack on Planned Parenthood also seems to have started with a compromised account.

Cybersecurity staff turnover and burnout: How worried should organizations be?
2022-01-31 06:00

The heightened risk of cyberattacks on businesses is being compounded by significant recruitment and retention issues within cybersecurity teams, making businesses more vulnerable to potential attacks, according to research from ThreatConnect. With the number of data breaches in 2021 soaring past that of 2020, there is added pressure on cybersecurity teams to keep businesses secure.