Security News > 2022 > January

The widely distributed FluBot malware continues to evolve, with new campaigns distributing the malware as Flash Player and the developers adding new features. Once in the device, FluBot can steal online banking credentials, send or intercept SMS messages, and capture screenshots.

Cybersecurity software company NortonLifeLock is coming under fire for its decision late last year to begin installing Ethereum mining software on its Norton 360 customers' PCs without their permission or knowledge. Norton Crypto, the new Norton 360 mining component, isn't enabled without the user opting in, but that hasn't stopped users from taking to Norton's Crypto forum to register their discontent, and they aren't all upset about the sneaky installation.

Learning management platform Instructure claims the domain name Canvas.com and its logo contain elements that conflict with Instructure's Canvas product and line of business. Court documents seen by Domain Name Wire reveal that, over subsequent years, Instructure's product capabilities expanded to allow users to showcase their resumes and professional references, and to keep tabs on companies as well as new job openings.

The US National Counterintelligence and Security Center and the Department of State have jointly published guidance on defending against attacks using commercial surveillance tools. Tips shared in the joint advisory are designed to help people at risk of being targeted by surveillance campaigns block attempts to track their location, record their conversations, and harvest their personal information and online activity using mercenary spyware deployed on their mobile devices.

Get your internet-exposed, network-attached storage devices off the internet now, Taiwanese manufacturer QNAP warns: Ransomware and brute-force attacks are widely targeting all network devices. "The most vulnerable victims will be those devices exposed to the Internet without any protection," QNAP said on Friday, urging all QNAP NAS users to follow security-setting instructions that the Taiwanese NAS maker included in its alert.

Researchers discovered a bug related to the Log4j logging library vulnerability, which in this case opens the door for an adversary to execute remote code on vulnerable systems. JFrog security discovered the flaw and rated it critical in the context of the H2 Java database console, a popular open-source database, according to a Thursday blog post by researchers.

The UK's National Health Service has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits. According to the NHS notice, the actor is leveraging the exploit to achieve remote code execution on vulnerable VMware Horizon deployments on public infrastructure.

QNAP has warned customers today to secure Internet-exposed network-attached storage devices immediately from ongoing ransomware and brute-force attacks. "QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices," the Taiwanese NAS maker said in a press release issued today.

Norton 360 can now mine Ethereum. It’s opt-in, and the company keeps 15%. It’s hard to uninstall this option.

This change has profound implications: customers unable to implement MFA across their access by the set date can continue to use Salesforce without MFA at their own risk. Thales statistics suggest that 90 per cent of cyberattacks utilise compromised credentials in some way, which, if correct, implies that failing to implement MFA on Salesforce is potentially shifting responsibility for almost all cyberattacks involving the service.