Security News > 2021 > April

Cloud-based security operations and management startup StrikeReady this week emerged from stealth mode after raising $3.6 million in seed funding. Palo Alto, California-based StrikeReady says it will use the infusion of funds to accelerate go-to-market and sales, as well as to expand its research and development team.

Hackers suspected to work for the Chinese government have used a new malware called PortDoor to infiltrate the systems of an engineering company that designs submarines for the Russian Navy. Threat researchers at Cybereason Nocturnus found that the attacker lured the recipient to open the malicious document with a general description for an autonomous underwater vehicle.

A zero-day vulnerability addressed by SonicWall in its Secure Mobile Access appliances earlier this year was exploited by a sophisticated and aggressive cybercrime group before the vendor released a patch, FireEye's Mandiant unit reported on Thursday. Over the past half a year, a new cybercrime group has been observed using a broad range of malware and employing aggressive tactics to pressure ransomware victims into making payments.

Now that you have your Pritunl VPN server up and running, Jack Wallen shows you how to connect the client. In a recent how-to, I walked you through the process of installing the Pritunl VPN server on Ubuntu 20.04.

Apple just patched a MacOS vulnerability that bypassed malware checks. The flaw is akin to a front entrance that's barred and bolted effectively, but with a cat door at the bottom that you can easily toss a bomb through.

Security researchers at Microsoft are warning the industry about 25 as-yet undocumented critical memory-allocation vulnerabilities across a number of vendors' IoT and industrial devices that threat actors could exploit to execute malicious code across a network or cause an entire system to crash. Dubbing the newly discovered family of vulnerabilities "BadAlloc," Microsoft's Section 52-which is the Azure Defender for IoT security research group-said the flaws have the potential to affect a wide range of domains, from consumer and medical IoT devices to industry IoT, operational technology, and industrial control systems, according to a report published online Thursday by the Microsoft Security Response Center.

GitHub wants to update its policies regarding security research, exploits and malware, but the cybersecurity community is not happy with the proposed changes. The community has been asked to provide feedback until June 1 on proposed clarifications regarding exploits and malware hosted on GitHub.

The Dutch government has temporarily disabled its coronavirus warning app amid data privacy concerns for people who have the app installed on phones using the Android operating system. Health Minister Hugo de Jonge announced late Wednesday that the CoronaMelder app will stop sending warnings for 48 hours while the government checks if users' data is secure.

The Internet Systems Consortium has released updates for the BIND DNS software to patch several vulnerabilities that can be exploited for denial-of-service attacks and one possibly even for remote code execution. Only servers using a certain feature with non-default configurations are vulnerable to attacks, but ISC suggested these types of servers may not be uncommon.

As of a few hours ago, Codecov has started notifying the maintainers of software repositories affected by the recent supply-chain attack. Codecov has now disclosed multiple IP addresses as IOCs that were used by the threat actors to collect sensitive information from the affected customers.