Security News > 2021 > April

IBM and NeuVector extend container security partnership
2021-04-30 23:30

The new integrations extend NeuVector's collaboration with IBM to provide container security capabilities for IBM Cloud clients. NeuVector has already helped IBM Cloud clients secure their container environments through IBM Cloud Kubernetes Service.

Brook Lovatt joins Cloudentity as CPO
2021-04-30 23:00

Cloudentity announced its new CPO, Brook Lovatt, who joins the team to drive product innovation in 2021 and beyond. With over 20 years of experience specific to Identity and Access Management as an executive at IBM and several security-focused boutique consulting firms, Brook Lovatt is an industry expert who will play a key role in helping Cloudentity to strategically drive its product roadmap forward.

WALLIX appoints Yoann Delomier as OT Business Developer
2021-04-30 22:45

WALLIX announced the expansion of its channel team with the appointment of Yoann Delomier as Operational Technology Business Developer. In his new role, Delomier will be responsible for helping WALLIX to raise its presence in the industrial space.

The Week in Ransomware - April 30th 2021 - Attacks Escalate
2021-04-30 21:46

Ransomware gang now warns they will leak new Apple logos, iPad plans. The REvil ransomware gang has mysteriously removed Apple's schematics from their data leak site after privately warning Quanta that they would leak drawings for the new iPad and new Apple logos.

Friday Squid Blogging: On Squid Coloration
2021-04-30 21:14

It's not the recent version, hope it doesn't get deleted. #include "c:\openssl-fips-2.0.16\crypto\sha\sha256.c" #include "c:\openssl-fips-2.0.16\include\openssl\sha.h". int main() ;//unsigned char checking = ;//unsigned char checking = ;unsigned char checking = ;.

First Horizon bank online accounts hacked to steal customers’ funds
2021-04-30 20:04

Bank holding company First Horizon Corporation disclosed that some of its customers had their online banking accounts breached by unknown attackers earlier this month. First Horizon Bank, the company's banking subsidiary, operates a network of hundreds of bank locations in 12 states across the Southeast.

PortDoor Espionage Malware Takes Aim at Russian Defense Sector
2021-04-30 19:32

A previously undocumented backdoor malware, dubbed PortDoor, is being used by a probable Chinese advanced persistent threat actor to target the Russian defense sector, according to researchers. The malware then creates an additional file in %temp% with the hardcoded name "58097616.tmp" and writes the GetTickCount value multiplied by a random number to it: "This can be used as an additional identifier for the target, and also as a placeholder for the previous presence of this malware," researchers explained.

Babuk quits ransomware encryption, focuses on data-theft extortion
2021-04-30 19:28

A new message today from the operators of Babuk ransomware clarifies that the gang has decided to close the affiliate program and move to an extortion model that does not rely on encrypting victim computers. The gang seems to have chosen a road different from the ransomware-as-a-business model, where the hackers steal data before deploying the encryption stage, as leverage in negotiations for the ransom payment.

WeSteal: A Cryptocurrency-Stealing Tool That Does Just That
2021-04-30 19:01

In a post on Thursday, the researchers picked apart the WeSteal cryptocurrency wallet-pickpocketing tool and a related remote-access trojan called WeControl, saying that it's "shameless" the way the developers aren't even trying to hide the tools' true intent. Code samples point to WeSteal having evolved from that earlier tool.

PHP community sidesteps its third supply chain attack in three years
2021-04-30 18:37

Supply chain researcher Max Justicz noticed that he could upload new PHP packages that would trick the Packagist system into running commands of his choice, rather than simply downloading and publishing his submission. The 2018 exploit involved simply swapping out a URL for a system command, and instead of Composer downloading data from a URL, it would inadvertently run the command inserted where the URL was supposed to be.