Security News > 2020 > April

Nutanix, a leader in enterprise cloud computing, and Wipro, a leading global information technology, consulting and business process services company, announced the launch of Wipro's Digital Database Services powered by Nutanix Era and Nutanix HCI software. Wipro's Digital Database Services, built on Nutanix solutions for Databases including Nutanix HCI software and Nutanix Era, allows enterprises and users to provision and manage databases just-in-time, without prior knowledge of hardware, database software and associated configurations.

Secret Double Octopus the pioneer of passwordless enterprise authentication, announced the closing of a $15 million Series B round to address the rapidly growing need for passwordless authentication and remote-access security in enterprise environments. Secret Double Octopus is considered a global leader in password elimination solutions.

Short-video biz Quibi, airline JetBlue, shopping site Wish, and several other companies leaked million of people's email addresses to ad-tracking and analytics firms through HTTP request headers, it is claimed. Netizens using web browsers that prioritize defenses against ad tracking, such as Brave, Firefox, and Safari, or who have installed suitable privacy extensions in other browsers, may have avoided having their email addresses spirited away.

Resecurity, a global leader in risk management and threat analysis, announces its partnership with Rajan Pant to help lead the geographic expansion into SAARC countries. Rajan has extensive experience in cyber law and digital forensics and will bring his 25 years of experience to partner with Resecurity as it redefines the way SAARC countries deal with cyber attacks and risk management.

A highly targeted phishing campaign, with a Microsoft file platform twist, has successfully siphoned the Office 365 credentials of more than 150 executives since mid-2019. Second, the initial phishing emails are sent from legitimate but previously compromised email addresses - which cloak the fact that they're attacker-controlled.

The open-source Salt management framework contains high-severity security vulnerabilities that allow full remote code execution as root on servers in data centers and cloud environments. "The ClearFuncs class also exposes the method prep auth info(), which returns the root key used to authenticate commands from the local root user on the master server. This root key can then be used to remotely call administrative commands on the master server. This unintentional exposure provides a remote un-authenticated attacker with root-equivalent access to the salt master."

Are you certain your users are working with strong passwords on your Linux servers? Let John the Ripper show you who is and who isn't. The security of your Linux servers is only as strong as the passwords used by your end users.

Google is striving to block Gmail messages and other content that exploit COVID-19, but there are steps users can take to fight such malware.

Since the cloud-native nature of new businesses is being developed around containerized microservices, this model provides greater security than trying to port your existing/old architectures for security to these cloud environments. Moving from a traditional security model to a cloud-native security model required us to make changes to two main areas, namely our infrastructure and our development process.

Since January, more than 4,000 domains related to coronavirus stimulus packages have been registered, many of them malicious or suspicious, according to Check Point Research.