Security News > 2021 > May

More than 20 businesses worldwide have announced the creation of the Data Privacy Protocol Alliance, to build a decentralized blockchain-based data ecosystem that provides consumers control of their data and competes against the entrenched data monopolies. Ownership of our personal data is the cornerstone of a future where data privacy is inherent, and data monetization is available.

Frequencz offers an innovative alternative enabling the private network ecosystem to deliver the benefits of 5G to an underserved enterprise market. Frequencz delivers cloud economics to radio that will disrupt how private networks are built, operated and managed for dedicated or shared access.

MITRE has named Wen Masters as vice president for cyber technologies, where she will lead corporate cybersecurity strategy beginning May 17, 2021. Masters will be responsible for developing a wide range of cyber capabilities and solutions, including programs that address key economic and national security challenges such as securing critical infrastructure against foreign exploitation and protecting American intellectual property from cyber theft by foreign adversaries.

Twitter is rolling out a new feature for iOS and Android mobile apps that aims to bring "Bigger and better" images to your timeline in the form of tall and uncropped photos. Since March, Twitter has been testing the new feature on mobile apps that allow you to see larger and taller images in your timeline rather than cropped 16:9 images.

Another new information stealer - Panda Stealer - is being spread through a worldwide spam campaign. The researchers found 264 files similar to Panda Stealer on VirusTotal, with some of them being shared by threat actors on Discord.

Security professionals are bracing for the next phase of the remote work reality: personal devices coming back into the office and bringing along all the associated security risks. Security teams are worried about the security status of laptops, smartphones and tablets employees will bring to the office after using them on a home network for months without proper supervision or control.

An SQL-injection vulnerability discovered in a WordPress plugin called "Spam protection, AntiSpam, FireWall by CleanTalk" could expose user emails, passwords, credit-card data and other sensitive information to an unauthenticated attacker. Spam protection, AntiSpam, FireWall by CleanTalk is installed on more than 100,000 sites, and is mainly used to weed out spam and trash comments on website discussion boards.

The United States Department of Defense this week announced an expansion of the scope of its vulnerability disclosure program to include all of its publicly accessible information systems. The program has been running on HackerOne since 2016 when the DOD's Hack the Pentagon initiative was launched and provides security researchers with means to engage with the DOD when they identify vulnerabilities in the department's public-facing websites and applications.

Cisco has fixed critical SD-WAN vManage and HyperFlex HX software security flaws that could enable remote attackers to execute commands as root or create rogue admin accounts. Cisco SD-WAN vManage Software vulnerabilities patched today by Cisco could enable unauthenticated, remote attackers to execute arbitrary code or access sensitive information.

If you received an email in April stating that your active Microsoft Teams Free account is being deleted, this email was sent by mistake and Microsoft is not deleting your data. In a new article posted yesterday by Microsoft Product Manager Sam Cosby, Microsoft explains that these emails were sent by mistake and active Microsoft Teams Free organizations will not be deleted if they are actively used.