Security News > 2021 > May

Google on Wednesday updated its May 2021 Android Security Bulletin to disclose that four of the security vulnerabilities that were patched earlier this month by Arm and Qualcomm may have been exploited in the wild as zero-days. CVE-2021-1906 - A flaw concerning inadequate handling of address deregistration that could lead to new GPU address allocation failure.

Yugabyte announced an expanded global footprint with the opening of new business operations in the EMEA and APAC regions. Currently, Yugabyte has more than 100 employees worldwide and plans to double its headcount in the current fiscal year across all regions with a strategic focus on engineering, sales, and technical support functions.

Cynerio will use the funding to fully realize its vision of being the healthcare industry's go-to cybersecurity and asset management solution by expanding its channel program, forming strategic partnerships with leading solution providers and expanding its clinically-intelligent toolbox of preemptive and proactive zero trust solutions into a full-service, responsive security platform. "It's critical to have partners who intimately understand the healthcare industry and its exceptional needs, especially now with the unprecedented pressures COVID-19 has introduced. Cynerio is extremely grateful for the continued faith and support of Elron, Accelmed and MTIP," said Leon Lerman, CEO and co-founder of Cynerio.

Commentary: It's progress that President Biden's executive order recognizes the need to secure open source software. Writing at that time, Recordon said, "The pandemic and ongoing cyber security attacks present new challenges for the entire Executive Office of the President." Fast forward to May 2021, and President Biden issued an executive order on improving the nation's cybersecurity, with Recordon's open source fingers all over the document.

The new funds will accelerate development of the Cortex platform, which enables engineering leaders and site reliability engineers to move beyond manual processes to gain visibility and control of rapidly expanding microservices. "But microservices proliferation has side effects: engineering and SRE leaders are challenged to track what services exist, how they depend on one another and what their quality is. The Cortex platform puts all that information at their fingertips, and makes it easy to launch team-wide initiatives to improve service quality."

Popular German cloud hosting and dedicated server provider Hetzner has banned cryptomining on its servers after users have been using their large storage devices to mine Chia. For those not familiar with Chia, instead of mining the cryptocurrency with specialized equipment or graphics cards, it uses a new mining system called Proof of Space and Proof of Time.

We saw the debut of a new botnet, Simp, that infects IoT devices in tandem with the prolific Gafgyt botnet. There are tens of thousands of vulnerable IoT devices to be found with a Shodan search: The researchers pointed to a search that turned up 25,959 printers connected to the internet and 284,092 webcams.

The NFTs are going to be stored in there, the owner of those NFTs and those things. Karen Roby: Rick, expand a little bit on who's buying these, who's selling, who's involved within NFTs. Rick McElroy: When you look at some of these transactions, multiple millions of dollars invested, look, I think for artists themselves, it's pretty cool.

Criminals can launder money through NFTs and even steal them. One expert says there are some ways to keep yours safe.

Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit. In the first three months of 2021 alone, researchers found 7 million malicious emails sent from Microsoft 365 and a staggering 45 million sent from Google's infrastructure, Proofpoint reported, adding that cybercriminals have used Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage to send phishing emails and host attacks.