This Week in Security News - Jan. 15, 2021
January Patch Tuesday Repairs Critical MS Defender RCE Bug and Authorities Take Down World's Largest Illegal Dark Web Marketplace
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about Microsoft’s updates for the first Patch Tuesday of 2021, including fixes for 83 CVEs. Also, read about how Europol shut down DarkMarket, the world’s largest online marketplace for illicit goods.
The cloud is an environment full of potential, providing easy access to technologies that weren’t available a decade ago. However, it’s not always as sunny as it seems. In this blog, Mark Nunnikhoven, vice president of cloud research at Trend Micro, shares his take on the top worry in cloud security for the upcoming year.
Europol has shut down DarkMarket, the world's largest online marketplace for illicit goods, as part of an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.'s National Crime Agency (NCA), and the U.S. Federal Bureau of Investigation (FBI). At the time of closure, DarkMarket is believed to have had 500,000 users and more than 2,400 vendors. Trend Micro’s “Trading in the Dark: An Investigation into the Current Condition of Underground Markets and Cybercriminal Forums” from May 2020 is referenced in the article.
Cloud storage services have become a significant attack vector, as cybercriminals increasingly use them to distribute malware throughout an organization. Today, most organizations are scanning for malware after a file has been added to a cloud service. In this article, Mark Nunnikhoven, vice president of cloud research at Trend Micro, shares how the Trend Micro Cloud One – File Storage Security tool identifies bad files and malware variants before those files are stored.
The recent Mimecast attack is the latest in a series of sophisticated attacks that some analysts fear could raise further questions about the overall integrity of critical supply chain relationships. In this article, I share my thoughts on malicious actors increasingly using the supply chain as an attack vector.
On November 4, video game maker Capcom announced that it detected unauthorized access to its network, and two weeks later confirmed that the attackers accessed the personal information of employees, as well as financial information, sales reports, and other business data. The operators of the Ragnar Locker ransomware, who claimed the attack, said they were able to download over 1TB of data from the company.
Apple has removed a controversial feature from the macOS operating system that allowed 53 of Apple's own apps to bypass third-party firewalls, security tools, and VPN apps installed by users for their protection. Known as the ContentFilterExclusionList, the list was included in macOS 11, also known as Big Sur.
Hackers who stole data related to a coronavirus vaccine have leaked it online, a European regulator investigating the breach said. An ongoing investigation into the breach found that “some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties have been leaked on the internet,” the European Medicines Agency said in a statement. It was not immediately clear what the unidentified attackers were trying to accomplish in dumping the data online.
In light of successful cyberattacks targeting organizations’ cloud services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a series of recommendations on how businesses can improve their cloud security. The attacks observed by CISA exploit poor cyber hygiene practices within cloud services configurations, and the agency says the activity is not tied to a specific threat actor or the recent SolarWinds attack.
Microsoft welcomed the new year with 83 security updates, an uptick from December’s relatively lighter list. January 2021’s Patch Tuesday features 10 Critical and 73 Important patches. All of this month’s Critical patches are meant to fix remote code execution (RCE) vulnerabilities among certain Microsoft products, including Microsoft Defender, Microsoft Edge, and Microsoft DTV-DVD Video Decoder. Out of the 83 patches issued this month, seven were reported by Trend Micro’s Zero Day Initiative (ZDI).
What do you think about Apple’s move to remove its ContentFilterExclusionList feature? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.