Security News > 2021 > May

Cyber protection solutions provider Acronis on Tuesday announced that it has raised $250 million at a valuation of $2.5 billion. The funding, which brings the total raised by the company to more than $400 million, was led by CVC Capital Partners VII. Acronis announced achieving "Unicorn" status in 2019 after raising $147 million.

Chris Roberts, Chief Security Strategist at Cynet Security, offers a new Slack-based community for InfoSec leaders as a solution. The new InfoSec Leaders Community will feature several channels and will offer security leaders and decision-makers a fresh opportunity to both get advice and new knowledge and share it with others.

Microsoft Research's Project Freta aims to find invisible malware running on the cloud. Attackers have invested in smarter malware that can get around traditional security tooling, hiding underneath the operating system in memory, masking tell-tale signatures, and even deleting itself as soon as it detects security systems in action.

A week after Apple patched a macOS zero-day exploited by Shlayer malware for months, the company has released new security updates for macOS, iOS, iPadOS and watchOS that plug four additional zero-days that "may have been actively exploited". CVE-2021-30665 - a memory corruption issue in WebKit that could lead to arbitrary code execution when a user views maliciously crafted web content.

MITRE announced last week that the latest update to the popular ATT&CK framework introduces techniques related to containers and the Google Workspace platform. ATT&CK v9 adds container-related attack techniques, which is the result of a project conducted by MITRE's Center for Threat-Informed Defense and sponsored by Microsoft, Citigroup and JPMorgan Chase.

FireEye announced that Mandiant Managed Defense, Mandiant's managed detection and response service, now supports Microsoft Defender for Endpoint. "With threat conditions changing constantly, companies require trusted expertise with powerful analytical capabilities to ensure accurate and decisive execution - this is where Mandiant shines," said Marshall Heilman, Executive Vice President, Managed Defense and Advanced Practices, FireEye.

CloudVector enables customers to discover, monitor, and protect all API traffic in any environment from exploits and breaches. "As a pioneer in modern API security, Imperva protects our customers from the risks associated with the mis-use of APIs via exposures or attacks, and the exfiltration of sensitive data."

(ISC)² published revised CISSP educational materials for online and in-person courses. Students enrolled in CISSP education seminars through (ISC)² or any of its Official Training Partners will receive instruction based on the revised CISSP exam, which took effect on May 1, 2021.

The malicious activity, collectively named "EmissarySoldier," has been attributed to a threat actor called LuckyMouse, and is said to have happened in 2020 with the goal of obtaining geopolitical insights in the region. "In order to compromise victims, LuckyMouse typically uses watering holes, compromising websites likely to be visited by its intended targets," ESET malware researcher Matthieu Faou said in a report published today. "LuckyMouse operators also perform network scans to find vulnerable internet-facing servers run by their intended victims."

Iran has been linked to yet another state-sponsored ransomware operation through a contracting company based in the country, according to new analysis. "Iran's Islamic Revolutionary Guard Corps was operating a state-sponsored ransomware campaign through an Iranian contracting company called 'Emen Net Pasargard'," cybersecurity firm Flashpoint said in its findings summarizing three documents leaked by an anonymous entity named Read My Lips or Lab Dookhtegan between March 19 and April 1 via its Telegram channel.