The Week in Cyber Security News, Jan. 25 - 31
01. The new DreamBus botnet attacks enterprise apps running on Linux servers by using exploits and brute-force to target PostgreSQL, Redis, SaltStack, Hadoop, Spark, and others.
02. Security vendor SonicWall has warned its customers that threat actors may have found zero-day vulnerabilities in some of its remote access products.
03. Bad actors launched an unprecedented wave of DDoS attacks in 2020, with COVID-19 and a newfound reliance on digital tools prompting a spike.
04. Apple has released updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities that it says may have been actively exploited in the wild.
05. Google has warned it has uncovered an "ongoing" state-backed hacking campaign run by North Korea targeting cyber security researchers.
06. In 2020, cybercriminals shifted away from stealing individual consumers' information to focus on bigger, more profitable attacks on businesses, according to a report.
07. In a coordinated, multi-part offensive against NetWalker ransomware attackers, law enforcement agencies have announced that they charged a Canadian national, seized nearly half a million dollars in cryptocurrency and disabled a dark web leak site.
08. Researchers have found that Google's QUIC (Quick UDP Internet Connections) protocol is more vulnerable to web fingerprinting than HTTPS, a shortcoming that could make it easier for an adversary to infer which websites an individual is visiting by scrutinizing network traffic.
09. USCellular, a Chicago-based mobile network operator, has revealed a data breach incident affecting an undisclosed number of customers, after threat actors tricked employees into accessing and downloading malicious software on some retail-store computers.
10. A bug hunter from Google’s Project Zero has discovered a dangerous bug in the GNU Privacy Guard team’s libgcrypt encryption software, meaning the GnuPG crypto library can be pwned during decryption.
11. A malicious Home Depot advertising campaign has been uncovered that redirects Google search visitors to tech support scams.
12. In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version.
13. The cybercrime group behind the FonixCrypter ransomware has announced on Twitter that they've deleted the ransomware's source code and plan to shut down their operation.
14. The New Zealand Financial Markets Authority regulator has issued a damning review of the NZX share exchange following a spate of high-profile distributed denial of service attacks that saw the operator go offline for days on end in August last year.
Thanks for visiting SecAlerts and reading our weekly cyber security news roundup. We offer a free weekly CVE alert service, or an hourly service from $US17/mth, both of which include software updates and news relating to your software stack. Join more than 1,500 other users and sign up.