Security News > 2021 > January

Most modern endpoint protection services are capable of easily identifying traditional malware payloads as they are downloaded and saved on the endpoint, which means attackers have now turned to fileless malware techniques that never touch the victim's storage. Understanding fileless malware's M.O. Fileless malware is a bit of a misnomer, as it can - and often does - start with a file.

FM tools can determine whether a design has lurking security issues before implementation begins; show that an implementation matches the system design; and prove that the implementation is free of introduced defects such as low-level memory errors. Current and emerging FM re-imagines the ways FM tools can be practically applied to a broad range of software projects.

Driven by the pandemic, many consumers rely on mobile apps to buy everything from daily essentials to holiday gifts. According to a recent analysis, there are some alarming security concerns among some of the top 50 Android retail mobile apps.

A British court has rejected the U.S. government's request to extradite Wikileaks founder Julian Assange to the country on charges pertaining to illegally obtaining and sharing classified material related to national security. In a hearing at Westminster Magistrates' Court today, Judge Vanessa Baraitser denied the extradition on the grounds that Assange is a suicide risk and extradition to the U.S. prison system would be oppressive.

Tanya Janca, founder of We Hack Purple, an online learning academy, community and podcast that teaches how to create secure software, is also known as SheHacksPurple and is co-founder of WoSEC: Women of Security. In the first part she lays out security fundamentals, then talks about security requirements which stand at the base of the System Development Life Cycle.

The number of failed, delayed, or scaled-back projects is still high, at 79 percent. This potentially represents a significant waste of resources: enterprises spent an average of $5.5 million on failed DX projects over the year.

A development build of Windows Core Polaris was leaked online yesterday, proving that Microsoft was actively developing the operating system designed for low-performance devices. For those unaware, Microsoft has been secretly working on a modular version of the Windows platform codenamed "Windows Core OS." With Windows Core OS, Microsoft planned to offer different flavors/SKUs of Windows for various form factors, such as phones, 2-in-1s, dual-screen PCs, and collaboration devices.

Endpoint security issues equal some of the most challenging today and tomorrow. Budget allocations to cloud security will grow from single-digit to double as companies look to protect 2020 cloud buildouts in the year ahead. A Gartner analysis of 2021 cloud priorities names "Distributed cloud" as a future focus for businesses which will have significant security implications.

A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft. When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to "Limited," which will put temporary restrictions on withdrawing, sending, or receiving money.

Google Chrome has fixed a bug that enabled antivirus programs on Windows 10 to lock newly created files. The patching of the bug means antivirus programs running on Windows would no longer block new files generated by the Chrome web browser, such as bookmarks.