Security News

Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack
2021-01-19 07:04

Cybersecurity researchers have unearthed a fourth new malware strain, designed to spread the malware onto other computers in victims' networks, which was deployed as part of the SolarWinds supply chain attack disclosed late last year. "The discovery of Raindrop is a significant step in our investigation of the SolarWinds attacks as it provides further insights into post-compromise activity at organizations of interest to the attackers," Symantec researchers said.

Expired Domain Allowed Researcher to Hijack Country's TLD
2021-01-18 19:12

A researcher claimed last week that he managed to take control of the country code top-level domain for the Democratic Republic of Congo after an important domain name was left to expire. Fredrik Almroth, founder and researcher at web security company Detectify, decided to analyze the name server records used by all TLDs. These NS records specify the servers for a DNS zone.

Researchers Estimate Ryuk Ransomware Operations to Be Worth $150 Million
2021-01-18 17:51

The Ryuk ransomware criminal enterprise is estimated to be worth more than $150,000,000, security researchers say. Initially detailed in 2018 and believed to be operated by Russian cybercriminals, Ryuk has become one of the most prevalent malware families, being used in various high-profile attacks, such as the targeting of Pennsylvania-based UHS and Alabama hospital chain DCH Health System.

Researchers Earn $50,000 for Hacking Apple Servers
2021-01-18 14:55

A couple of researchers claim they have earned $50,000 from Apple for finding some serious vulnerabilities that gave them access to the tech giant's servers. Harsh Jaiswal and Rahul Maini, India-based bug bounty hunters who specialize in application security, said they discovered the flaws in recent months, being inspired by a group of researchers who in October reported receiving hundreds of thousands of dollars from Apple for a total of 55 vulnerabilities, including ones that exposed source code, iCloud accounts, warehouse software, and employee and customer apps.

Researcher Builds Parler Archive Amid Amazon Suspension
2021-01-11 20:54

These posts reportedly included Parler video URLs made up of raw video files with associated embedded metadata, and precise GPS coordinates of where the videos were taken, sparking privacy concerns about the service's data collection. Amazon reportedly informed Parler it was removing it from its web hosting service on Sunday night, essentially stripping it of the infrastructure it relies on to operate.

Researchers Find Links Between Sunburst and Russian Kazuar Malware
2021-01-11 20:36

Kaspersky's latest analysis of the Sunburst backdoor has revealed a number of shared features between the malware and Kazuar, leading the researchers to suspect that -. The groups behind Kazuar and Sunburst obtained the malware from a single source.

Google Titan security keys hacked by French researchers
2021-01-11 14:09

In July 2018, after many years of using Yubico security key products for two-factor authentication, Google announced that it was entering the market as a competitor with a product of its own, called Google Titan. Security keys of this sort are often known as FIDO keys after the Fast IDentity Online Alliance, which curates the technical specifications of a range of authentication technologies that "[p]romote the development of, use of, and compliance with standards for authentication and device attestation".

Researchers Show Google's Titan Security Keys Can Be Cloned
2021-01-11 12:33

Researchers have found a way to clone Google's Titan Security Keys through a side-channel attack, but conducting an attack requires physical access to a device for several hours, as well as technical skills, custom software, and relatively expensive equipment. A new attack method against such devices was described by researchers from NinjaLab, a France-based company that specializes in the security of cryptographic implementations.

Researchers Warn of New Ransomware Targeting Enterprise Networks
2021-01-06 17:26

Security researchers have spotted a brand new ransomware family taking aim at corporate networks, warning that professional cybercriminals have already hit multiple organizations with the file-encryption scheme. The new ransomware family, called Babuk, has claimed at least four corporate victims facing data recovery extortion attempts.

Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API
2021-01-04 21:45

ReCaptcha is Google's name for its own technology and free service that uses image, audio or text challenges to verify that a human is signing into an account. Google recently started charging for larger reCAPTCHA accounts.