Security News > 2021 > January
In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version. The service comes on the heels of a recently uncovered iMessage zero-click exploit, which was being leveraged in an espionage attack against Al Jazeera journalists and executives.
Companies are most vulnerable when employees work from home or use a combination of company and personal devices.
Some companies are using monitoring software to keep tabs on employees working from home. Some organizations are crying foul.
Chicago-based wireless carrier UScellular started informing customers last week that their personal information may have been accessed and their phone numbers ported as a result of a cybersecurity breach. Since employees were already logged into the CRM system, the attackers were able to access the CRM with the employee credentials and access wireless customer accounts and phone numbers.
Attackers are tricking employees into logging into phishing sites.
The domain name perl.com was stolen and now points to an IP address associated with malware campaigns. On January 27th, Perl programming author and Perl.com editor brian d foy tweeted that the perl.com domain was suddenly registered under another person.
Put another way, unemployment fraud has been rampant since the beginning of the pandemic, with virtually every US state affected. What exactly is unemployment fraud? While there are different types, the version seen during the COVID-19 pandemic involves filing fraudulent unemployment claims.
Endpoint management and security solutions provider Tanium this week announced the sale of $150 million in common stock to Ontario Teachers' Pension Plan Board. Ontario Teachers' made the funding investment through its Teachers' Innovation Platform, which is involved in late-stage venture and growth equity investments in validated technologies.
Apple has added added security features to mitigate the risk of zero-click iMessage attacks. Apple did not document the changes but Groß said he fiddled around with the newest iOS 14 and found that Apple shipped a "Significant refactoring of iMessage processing" that severely cripples the usual ways exploits are chained together for zero-click attacks.
You may know where your data is, but do you also know what the data consists of? "Imagine you're at a party. You ask someone you've just met what they do for a living, and they answer: 'I work in data,'" said Sky Cassidy, CEO of MountainTop Data, in an email interview. Cassidy, familiar with the vagaries of data collection and its usage, is on a quest to make sense of what he calls misunderstood data.