Security News > 2021 > January

Investment firm Francisco Partners said on Monday that has completed the previously announced acquisition of Forcepoint from Raytheon Technologies. Coinciding with the completion of the transaction, Manny Rivelo has been appointed Chief Executive Officer of the security company effective immediately.

Microsoft announced today that Microsoft Defender for Endpoint's detection and response capabilities are now generally available on Linux servers. Microsoft Defender for Endpoint was first showcased during the Ignite 2019 conference, entered public preview in February 2020, and it was made generally available in June 2020.

A landmark High Court ruling has struck down Britain's ability to hack millions of people at a time through so-called "General warrants" in what privacy campaigners are hailing as a major victory. Speaking on Friday afternoon when the judicial review judgment was handed down, Caroline Wilson Palow, PI's legal director, said in a statement: "General warrants are no more permissible today than they were in the 18th century. The government had been getting away with using them for too long. We welcome the High Court's affirmation of these fundamental constitutional principles."

Networking device maker Ubiquiti has announced a security incident that may have exposed its customers' data. Ubiquiti is a very popular networking device manufacturer best known for its UniFi line of wired and wireless network products and a cloud management platform.

Security researchers with Sakura Samurai identified exposed GitHub credentials on a United Nations Environment Programme subdomain, which allowed them to access a trove of data, including more than 100,000 employee records. While researching security flaws in assets within the scope of The United Nations' vulnerability disclosure program, the Sakura Samurai researchers discovered an ilo.org subdomain that exposed.

An employee at emergency roadside rescue biz RAC has received an eight-month suspended prison sentence for unsanctioned access to computer systems that saw her sell customers' data to an accident claims management company. Kim Doyle pleaded guilty to charges of conspiracy to secure unauthorised access to computer data and cashing in on RAC punters' personal information that she passed to William Shaw, director of TMS, trading as LIS Claims.

In July 2018, after many years of using Yubico security key products for two-factor authentication, Google announced that it was entering the market as a competitor with a product of its own, called Google Titan. Security keys of this sort are often known as FIDO keys after the Fast IDentity Online Alliance, which curates the technical specifications of a range of authentication technologies that "[p]romote the development of, use of, and compliance with standards for authentication and device attestation".

Researchers have identified some similarities between the Sunburst malware used in the SolarWinds supply chain attack and Kazuar, a backdoor that appears to have been used by the Russia-linked cyber-espionage group known as Turla. On Monday, Kaspersky reported finding an interesting link between the Sunburst malware delivered by the SolarWinds attackers and Kazuar, a.NET backdoor that has been around since at least 2015 and which was first detailed in 2017 by Palo Alto Networks.

Microsoft has unveiled today the new Surface Pro 7+ for enterprise and educational customers, an ultra-light 2-in-1 device that comes with Windows Enhanced Hardware Security features enabled by default. The new Surface PC will help defend against escalation of privilege attacks which target sensitive info stored in a device's memory with the help of virtualization-based security and Hypervisor-protected code integrity - also known as Memory Integrity.

Embattled and embarrassed network management shop SolarWinds has reportedly hired two of the highest profile security bods in the biz to sort out its woes. On Friday the news broke that Chris Krebs, formerly the head of the US government's Cybersecurity and Infrastructure Security Agency until he was fired by presidential tweet for saying the American election wasn't hacked, has started a consultancy with former Facebook and Yahoo! security chief Alex Stamos.