Cyber security news February 2021

This posting is here to collect cyber security news in February 2021.

I post links to security vulnerability news in the comments of this article.

You are also free to post related links in the comments.

310 Comments

  1. Tomi Engdahl says:

    Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak
    https://edition.cnn.com/2021/02/26/politics/solarwinds123-password-intern/
    The researcher who discovered the leaked password, Vinoth Kumar,
    previously told CNN that before the company corrected the issue in
    November 2019, the password had been accessible online since at least
    June 2018. Emails between Kumar and SolarWinds showed that the leaked
    password allowed Kumar to log in and successfully deposit files on the
    company’s server. Using that tactic, Kumar warned the company, any
    hacker could upload malicious programs to SolarWinds.

  2. Tomi Engdahl says:

    https://www.forbes.com/sites/thomasbrewster/2021/02/25/exclusive-hackers-break-into-biochemical-systems-at-oxford-uni-lab-studying-covid-19/
    Oxford University confirmed on Thursday it had detected and isolated
    an incident at the Division of Structural Biology (known as Strubi)
    after Forbes disclosed that hackers were showing off access to a
    number of systems. These included machines used to prepare biochemical
    samples, though the university said it couldn’t comment further on the
    scale of the breach. It has contacted the National Cyber Security
    Center (NCSC), a branch of the British intelligence agency GCHQ, which
    will now investigate the attack. The crew, according to [Hold
    Security's Alex] Holden, is highly sophisticated and has been
    privately selling stolen data from a number of its victims, and has
    previously sold to advanced persistent threat groups, a term for
    nation-state-backed hackers. He noted that the hackers spoke
    Portuguese. Some of the group’s other victims include Brazilian
    universities, Holden added, and they also use ransomware to extort
    some victims.

  3. Tomi Engdahl says:

    Microsoft fixes Windows 10 drive corruption bug: what you need to know
    https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-drive-corruption-bug-what-you-need-to-know/
    With this week’s release of Windows 10 Insider build 21322, Microsoft
    has included an undocumented fix that prevents the path from being
    accessed.

  4. Tomi Engdahl says:

    Google shares PoC exploit for critical Windows 10 Graphics RCE bug
    https://www.bleepingcomputer.com/news/security/google-shares-poc-exploit-for-critical-windows-10-graphics-rce-bug/
    Project Zero, Google’s 0day bug-hunting team, shared technical details
    and proof-of-concept (PoC) exploit code for a critical remote code
    execution (RCE) bug affecting a Windows graphics component. They
    reported the bug to the Microsoft Security Response Center in
    November. The company released security updates to address it on all
    vulnerable platforms on February 9, during this month’s Patch Tuesday.

  5. Tomi Engdahl says:

    Jian: The Chinese Double-edged Cyber Sword
    https://blog.checkpoint.com/2021/02/22/jian-the-chinese-double-edged-cyber-sword/
    In the last few months, Check Point Research (CPR) focused on recent
    Windows Local Privilege Escalation (LPE) exploits attributed to
    Chinese actors. An LPE is used by attackers to acquire Administrator
    rights on a Windows machine. During this investigation, our malware
    and vulnerability researchers managed to unravel the hidden story and
    origins behind “Jian”, an exploit that was previously attributed to
    the Chinese-affiliated attack group named APT31 (Zirconium).

  6. Tomi Engdahl says:

    Python programming language hurries out update to tackle remote code
    vulnerability
    https://www.zdnet.com/article/python-programming-language-hurries-out-update-to-tackle-remote-code-vulnerability
    The Python Software Foundation (PSF) has rushed out Python 3.9.2 and
    3.8.8 to address two notable security flaws, including one that is
    remotely exploitable but in practical terms can only be used to knock
    a machine offline.

  7. Tomi Engdahl says:

    SHAREit fixes security bugs in app with 1 billion downloads
    https://www.bleepingcomputer.com/news/security/shareit-fixes-security-bugs-in-app-with-1-billion-downloads/
    Singapore-based Smart Media4U Technology said today that it fixed
    SHAREit vulnerabilities that may have allowed attackers to execute
    arbitrary code remotely on users’ devices. The security bugs impact
    the company’s SHAREit Android app, an application that has been downloaded
    more than 1 billion times, according to Google Play Store statistics.

  8. Tomi Engdahl says:

    Unprotected Private Key Allows Remote Hacking of Rockwell Controllers
    By Eduard Kovacs on February 26, 2021
    https://www.securityweek.com/unprotected-private-key-allows-remote-hacking-rockwell-controllers

    Industrial organizations have been warned this week that a critical authentication bypass vulnerability can allow hackers to remotely compromise programmable logic controllers (PLCs) made by industrial automation giant Rockwell Automation.

    The vulnerability, tracked as CVE-2021-22681 with a CVSS score of 10, was independently reported to Rockwell by researchers at the Soonchunhyang University in South Korea, Kaspersky, and industrial cybersecurity firm Claroty.

  9. Tomi Engdahl says:

    Chinese hackers cloned attack tool belonging to NSA’s Equation Group
    Updated: The Jian tool was used to exploit a Windows zero-day vulnerability years before a patch was issued.
    https://www.zdnet.com/article/chinese-hackers-cloned-attack-tools-belonging-to-nsas-equation-group/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=facebook

  10. túi lọc bụi says:

    This article is extremely quality from the content to the image, hope you will continue to share it in the coming time. Thank you and respect you very much.
