Security News > 2021 > May

Apple on Monday patched security flaws in its software said to have been exploited in the wild by miscreants to hijack gear. WebKit, fixed in macOS Big Sur 11.3.1, can be tricked into executing arbitrary code by processing malicious web content - a bad webpage can take over the browser, in other words.

SNP has announced three CrystalBridge solution packages for moving SAP workloads to the cloud and for S/4HANA. Addressing customer needs for cloud and SAP S/4HANA migrations, delayed due to prerequisite projects, delivery risks, and high migration costs, SNP introduced three packaged solutions that compress project timelines, contain fees, and minimize business downtime during cutover for these initiatives. The new package options include SAP ECC landscape migration to the cloud, including application upgrades, database re-platforming, and Unicode conversions; selective data transition for ECC landscapes; and cloud migration from SAP ECC to S/4HANA. Proof of concept options for each of the packages are also available.

Ivanti, the company behind Pulse Secure VPN appliances, has released a security patch to remediate a critical security vulnerability that was found being actively exploited in the wild by at least two different threat actors. Tracked as CVE-2021-22893, the flaw concerns "Multiple use after free" issues in Pulse Connect Secure that could allow a remote unauthenticated attacker to execute arbitrary code and take control of the affected system.

Red Hat announced the general availability of OpenShift GitOps and OpenShift Pipelines, new features of Red Hat OpenShift. These capabilities help organizations to further reduce friction between development and operations teams by streamlining application development and deployment across the hybrid cloud.

uCloudlink has inked a cooperation agreement with Intercel to provide its mobile broadband devices and data services. The alliance will see Intercel distribute uCloudlink's GlocalMe mobile broadband devices and mobile data services in Australia.

McAfee announced a new evolution of its partnership, including a multi-year extended agreement, with Fujitsu Client Computing to deliver consumer security solutions to FCCL device users. McAfee and FCCL's longstanding partnership makes the integration of the products seamless to end-users allowing them to easily leverage McAfee security solutions to protect their digital lives.

Nonprofit health care provider Scripps Health in San Diego is currently dealing with a ransomware attack that forced the organization to suspend user access to its online portal and switch to alternative methods for patient care operations. Scripps Health detected the attack late on Saturday and suspended user access to applications like MyScripps and scripps.org that connected to health care facilities.

Ookla and Mapbox are engaging in a global partnership to create network-aware mapping solutions. Ookla and Mapbox are uniquely positioned to revolutionize geospatial network analysis and connectivity-aware mapping features through their combined capabilities and expertise.

Gaming has become one of the primary sources of entertainment for consumers in the wake of the global pandemic, and with the shift to a digital-first lifestyle, McAfee continues to focus on protecting consumers during moments that matter - when opportunistic hackers find an entry point - especially as gaming PC sales growing 16.2% in 2020. Launched in 2019, McAfee Gamer Security delivers a unique combination of performance and protection through its built-from-ground-up feature set, considering the needs of the wide spectrum of PC gaming - from families with children that game to PC gamers themselves.

Today, Apple has released security updates that fix two actively exploited iOS zero-day vulnerabilities in the Webkit engine used by hackers to attack iPhones, iPads, iPods, macOS, and Apple Watch devices. "Apple is aware of a report that this issue may have been actively exploited," the company said in multiple security advisories published today.