This week marked the first Tuesday in September, and to start off the month, Microsoft issued 42 important security alerts. Among them, CVE-2021-40444 noted that the company is “investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.” Also on Tuesday, Twitter published findings from its bias bounty challenge. The results of the algorithmic bias assessment “confirmed the model was not treating all people fairly.”
The Department of Justice also announced that a Ukrainian cybercriminal has been extradited to the United States for alleged involvement in “trafficking in unauthorized access devices, and trafficking in computer passwords.”
As many states and municipalities prepare for upcoming local elections, the Washington Post 202 reported, “major election vendors are getting ready to produce new voting machines that meet a slate of upgraded security standards. But those machines won't be ready until around 2024, they told the Election Assistance Commission … The machines likely won’t be widely used by voters until the 2026 midterm elections or later.” But federal, state and local agencies don’t need to wait until 2026 to understand how to secure election infrastructure. Check out a variety of educational content available in our Library.
Now let’s look at what other events made cybersecurity headlines this week.
Sept. 10: The United Nations confirmed that its systems were breached as the result of a cyberattack in April 2021.
Sept. 10: An exclusive report from Reuters revealed, “A U.S. Securities and Exchange Commission investigation into the SolarWinds Russian hacking operation has dozens of corporate executives fearful information unearthed in the expanding probe will expose them to liability, according to six people familiar with the inquiry.”
Sept. 9: Security researchers question the efficacy of Apple’s bug bounty program, which reportedly is “slow to fix reported bugs and does not always pay hackers what they believe they’re owed.”
Sept. 9: Threatpost reported, “Attackers have been targeting the Kurdish ethnic group for more than a year through a Facebook-based spyware campaign that disguises backdoors in legitimate Android apps, researchers have found.”
Sept. 8: According to the 2021 Threat Hunting Report published by CrowdStrike, attackers are able to gain access to target networks and move laterally more quickly—in as little as 30 minutes.
Sept. 8: A blog post from Mandiant Threat Intelligence warned of significant developments in the campaigns conducted by “a pro-People’s Republic of China (PRC) network of hundreds of inauthentic accounts on Twitter, Facebook, and YouTube.”
Sept. 7: An effort to limit the term of the Director of the Cybersecurity and Infrastructure Security Agency (CISA) to five years is afoot in Congress and reportedly has bipartisan support.
Sept. 7: “The operators behind the REvil ransomware group have resurfaced after allegedly closing shop following the widespread attack on Kaseya,” ZDNet reported.
Sept. 7: In order for classes to resume in the aftermath of a ransomware attack, Howard University said that it spun up an alternative WiFi system on campus but that online and hybrid classes remained halted.
Sept. 6: A spokesperson for the German government told Reuters that Russian actors are to blame for the cyberattack on Germany’s parliament.
Sept. 6: Infosecurity Magazine reported, “A British cybersecurity student has scammed an elderly woman out of thousands of dollars by pretending to be a member of Amazon’s technical support team.”