Security News > 2021 > May

StorMagic announced that StorMagic SvSAN and Zerto have been validated with HPE Proliant servers. Delivered through the HPE Complete Program, this HPE validated solution allows customers to protect edge-to-edge, edge-to-core or edge-to-cloud workloads.

Bose Corporation has disclosed a data breach following a ransomware attack that hit the company's systems in early March. The audio maker hired external security experts to restore impacted systems after the attack and forensic experts to determine if any of its data was accessed or exfiltrated by the attackers.

CrowdStrike and Ernst & Young announced that CrowdStrike Falcon has been selected as one of the EY preferred cybersecurity technology platforms, strengthening the alliance between the two organizations. The CrowdStrike and EY teams are committed to helping customers in new areas as the alliance continues to grow outside the U.S. Recently, the alliance expanded into Australia, Belgium, Brazil, Canada and Italy.

Paian IT Solutions and Corent Technology announce the extension of their existing partnership, adding optimization and modernization of Microsoft Azure for customers using Corent Technology's SurPaaS ComPaaS platform. Paian IT Solutions is a provider of cloud services to the German, Austrian and Swiss markets.

Aqua Security announced that its Team Nautilus researchers were tapped by the MITRE ATT&CK team to contribute to the development of the new Container Framework. Aqua's contributions help to create a foundation for cloud security methodologies and shape the future of container security by illuminating key cloud native security attack vectors and methods observed in the wild by Aqua's threat research team.

ForgeRock announced the appointment of Chris Lyon as senior vice president and global head of engineering. In his new role, Lyon will lead global engineering and report to ForgeRock's chief product officer Peter Barker.

Justin Sean Johnson, a 30-year-old from Detroit, Michigan, has pleaded guilty to stealing the personally identifiable information of 65,000 employees of health care provider and insurer University of Pittsburgh Medical Center and selling it on the dark web. UPMC is Pennsylvania's largest health care provider that employs more than 90,000 employees in 40 hospitals and 700 doctors' offices and outpatient sites.

Apple on Monday rolled out security updates for iOS, macOS, tvOS, watchOS, and Safari web browser to fix multiple vulnerabilities, including an actively exploited zero-day flaw in macOS Big Sur and expand patches for two previously disclosed zero-day flaws. Tracked as CVE-2021-30713, the zero-day concerns a permissions issue in Apple's Transparency, Consent, and Control framework in macOS that maintains a database of each user's consents.

Apple has patched a hole in macOS that has been exploited by malware to secretly take screenshots on victims' Macs. Three flaws, including one spotted by Google's Project Zero, fixed in iOS 14.6 and iPadOS 14.6 can be exploited by a malicious app to run code with kernel-level privileges, allowing malicious software to completely take over the device.

As Microsoft continues to develop the Windows 10 21H2 feature update, we can use the preview builds to get a glimpse of the upcoming features, changes, and new group policies coming to the operating system this fall. In addition to new features, Microsoft is also adding new group policies for Windows 10 21H2 that we can see in current preview builds.