Security News > 2021 > May

Proofpoint researchers said that they're confident that there's a "Strong overlap" between the distribution and post-exploitation activity of BazaLoader and the threat actors behind The Trick malware, also known as Trickbot. This isn't the first time that Proofpoint has seen intricately composed BazaLoader email threat campaigns that have required a significant amount of human interaction - including phone-based customer service representatives - in order to trigger the malware download. Security researchers have dubbed the call-center or live-human method "BazarCall".

Google has added a new batch of Chrome Actions for early testing in the latest Google Chrome web browser releases before the feature's worldwide rollout later this year. Chrome Actions is a recently introduced experimental Chrome feature that allows you to type in a command, causing an action to be displayed inline in the browser's address bar search results.

In this presentation, Microsoft's John Lambert will talk about how it's more important than ever for defenders and organizations to come together and better share information that can help the entire ecosystem protect against emerging threats. The good news is there are industry frameworks and sharing mechanisms already in place to facilitate actionable threat intelligence and defense collaboration.

Palo Alto, California-based API protection company Salt Security today announced that it raised $70 million in Series C funding, which brings the total raised to date to $131 million. Salt Security was founded in 2016 and emerged from stealth mode in 2019 with $10 million seed investment.

Microsoft has addressed some of the annoyances reported by users of the newly released Windows 10 'News and Interests' feature in the latest preview update released for Windows 10 2004, 20H2, and 21H1. Using News and Interests, Windows 10 displays news stories and articles matching a profile of the logged-in users' interests based on their historically read content and various widgets with 'snackable' local forecast, sports, stocks, and traffic information. Microsoft improved the News and Interests hover experience this week by adding an 'Open on hover' option to its taskbar submenu to prevent accidentally opening the News and Interests user interface.

Apostle seems to be a new strain of malware that destroys data. In a post published Tuesday, SentinelOne researchers said they assessed with high confidence that based on the code and the servers Apostle reported to, the malware was being used by a newly discovered group with ties to the Iranian government.

VMware has urged customers to immediately patch a critical vulnerability affecting vCenter Server, the management interface for vSphere environments. According to VMware, the vulnerability impacts the vSphere Client, specifically the Virtual SAN Health Check plugin, which is enabled by default in vCenter Server even if the plugin is not actually being used.

Identity very much seems to be an acquired taste Most everyone's first experience with identity comes down to usernames and passwords. Luckily we have enterprises forcing constant evolution in identity out of business-driven use cases.

Nuclear-armed North Korea is advancing on the front lines of cyberwarfare, analysts say, stealing billions of dollars and presenting a clearer and more present danger than its banned weapons programmes. Pyongyang is under multiple international sanctions over its atomic bomb and ballistic missile programmes, which have seen rapid progress under North Korean leader Kim Jong Un. But while the world's diplomatic focus has been on its nuclear ambitions, the North has been quietly and steadily building up its cyber capabilities, and analysts say its army of thousands of well-trained hackers are proving to be just as dangerous.

With the sprawling, dynamic nature of today's networks, if you don't adopt a Zero-Trust approach, then a breach in one part of the network could quickly cripple your organization as malware, and especially ransomware, makes it way unhindered throughout the network. So how should organizations go about applying the Zero Trust blueprint to address their new and complex network reality? These five steps represent the most logical way to achieve Zero-Trust networking, by finding out what data is of value, where that data is going and how it's being used.