Security News > 2021 > March

These Skills can often have security gaps and data protection problems, as a team of researchers from the Horst Görtz Institute for IT Security at Ruhr-Universität Bochum and North Carolina State University discovered, together with a former PhD student who started to work for Google during the project. In their study, the researchers around Christopher Lentzsch and Dr. Martin Degeling studied first-time the ecosystem of Alexa Skills.

In early 2021, security researchers identified a variant of the infamous Ryuk ransomware that is capable of lateral movement within the infected networks. Active since at least 2018 and believed to be operated by Russian cyber-criminals, the Ryuk ransomware has been involved in numerous high-profile attacks and researchers estimate the enterprise is worth $150 million.

The majority of all malware is now delivered via cloud applications, underscoring how attackers increasingly abuse popular cloud services to evade legacy security defenses putting enterprise data increasingly at risk, a Netskope research reveals. "Cybercriminals increasingly abuse the most trusted and popular cloud apps, especially for cloud phishing and cloud malware delivery," said Ray Canzanese, Threat Research Director at Netskope.

"Customer needs are changing, and so are the ways in which financial institutions need to interact with them," said Wayne Busch, President Financial Services and Insurance, NTT DATA Services. "Advancements in artificial intelligence, machine learning and data intelligence are giving banks vast capabilities to deliver what customers want - hyper-individualized, relevant and timely financial guidance to achieve their life ambitions."

Delivering on the SailPoint vision to embed identity into the cloud enterprise's digital fabric, SailPoint announced additional extensibility functionality to its platform. To enable customers and partners to find value with the updates, SailPoint also introduced the new SailPoint Developer Community to help them move quickly and with less effort.

Proact is launching a new version of its managed disaster recovery service, which allows customers to continue operating their businesses following disruptive events, regardless of where their data is located. Proact's new and updated disaster recovery solution protects data from customers' data centres, from Proact's newly updated PHC platform and from business servers sitting in public cloud platforms, such as AWS and Azure.

Maximus announced that it completed the acquisition of the Federal division of Attain. The acquisition is a natural fit and logical next step in furthering two core pillars of Maximus' long-term corporate strategy including accelerating digital transformation and the ongoing expansion into the U.S. federal market, which is a priority growth area.

"The Gootkit malware family has been around more than half a decade - a mature Trojan with functionality centered around banking credential theft," Sophos researchers Gabor Szappanos and Andrew Brandt said in a write-up published today. Dubbed "Gootloader," the expanded malware delivery system comes amid a surge in the number of infections targeting users in France, Germany, South Korea, and the U.S. First documented in 2014, Gootkit is a Javascript-based malware platform capable of carrying out an array of covert activities, including web injection, capturing keystrokes, taking screenshots, recording videos, as well as email and password theft.

As cybersecurity researchers continue to piece together the sprawling SolarWinds supply chain attack, top executives of the Texas-based software services firm blamed an intern for a critical password lapse that went unnoticed for several years. In a hearing before the House Committees on Oversight and Reform and Homeland Security on SolarWinds on Friday, CEO Sudhakar Ramakrishna testified that the password had been in use as early as 2017.

Innodisk is announcing new PCIe Gen 4 NVMe flash storage, DDR4-3200 DRAM, and CANbus & LAN modules. Innodisk's NVMe flash storage series now supports the latest PCIe Gen 4 interface with a staggering 7.88 GB/s transfer rate-double the bandwidth of Gen 3-that simultaneously lowers overall power consumption, reducing the overheating issues of many PCIe SSDs. Smart temperature control through thermal throttling firmware technology is convenient for users to monitor temperature changes of SSDs at any time, and protect data with higher performance.