Cyber security news January 2021

This posting is here to collect cyber security news in January 2021.

I post links to security vulnerability news in the comments of this article.

You are also free to post related links in the comments.

253 Comments

  1. Tomi Engdahl says:

    Malwarebytes says its Office 365, Azure tenancies invaded by SolarWinds hackers, insists its tools are still safe to use
    https://www.theregister.com/2021/01/20/malwarebytes_solarwinds_hack_latest/?utm_source=dlvr.it&utm_medium=facebook

    Points finger at privilege escalation via application rights in Azure AD, which Microsoft says is as designed

    Security company Malwarebytes suspects a breach of its Office 365 and Azure tenancies is by the same attacker behind the SolarWinds hack, but reckons flaws in Azure Active Directory security are also to blame.

    Malwarebytes, whose products include widely used anti-malware tools for consumers and businesses, said that it does not use SolarWinds but believes that the same attacker used “another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments”.

    The attack was spotted because of suspicious activity reported by Microsoft’s Security Response Center.

    The intruder “only gained access to a limited subset of internal company emails” said Malwarebytes, and there was no evidence of unauthorised access to internal or on-premises and production environments. Malwarebytes also checked its source code and build processes including “reverse engineering our own software” but could not find any evidence of compromise, concluding that “our software remains safe to use.”

  2. Tomi Engdahl says:

    Hackers publish thousands of files after government agency refuses to pay ransom
    https://www.zdnet.com/article/hackers-publish-thousands-of-files-after-government-agency-refuses-to-pay-ransom/

    Ransomware gang publishes stolen data after Scottish Environment Protection Agency (SEPA) refuses to pay ransom – as agency confirms operations remain disrupted.

    SEPA hasn’t confirmed what form of ransomware it has fallen victim to, but the Conti ransomware gang claimed responsibility for the attack.

    As a result of the non-payment, Conti has published all of the stolen data on its website, posting over 4,000 documents and databases related to contracts, commercial services and strategy. The latest update from SEPA confirms that at least 4,000 files have been stolen and published.

    “We’ve been clear that we won’t use public finance to pay serious and organised criminals intent on disrupting public services and extorting public funds,”

  3. Tomi Engdahl says:

    Google threatens to pull Search from Australia if Media Bargaining Code becomes law
    https://www.zdnet.com/article/google-threatens-to-pull-search-from-australia-if-media-bargaining-code-becomes-law/

    Search giant’s local managing director said the company has assessed the impact of the legislation and come to the conclusion it would be an untenable risk for its Australian operations.

    Google has said it may have no other choice than to pull its Search function from Australia if the News Media Bargaining Code goes ahead in its current form.

    Google, alongside Facebook, has been engaged in a stoush with the Australian Competition and Consumer Commission (ACCC) since August over the code that entered the House of Representatives in late December.

    The bargaining code, according to the government, is necessary to address the fundamental bargaining power imbalances between Australian news media businesses and major digital platforms.
