Security News > 2021 > May

As devastating ransomware attacks continue to have far-reaching consequences, companies still try to hide the attacks rather than be transparent. Volue's transparency is in stark contrast to the disclosures typically seen in ransomware attacks and should be used as a model for future disclosures.

"We need to bring not just the security professionals but IT and business leaders into the community as well," he said. "We have great new technologies like 5G and Wi-Fi 6, continued explosion of public cloud, workers that will work from home forever or in a hybrid model as we go forward," he said.

Threat actors impersonated Truist, the sixth-largest US bank holding company, in a spear-phishing campaign attempting to infect recipients with what looks like remote access trojan malware. In one of the attacks targeting a renewable energy company in February 2021, the phishing emails instructed the target to download a malicious Windows app mimicking the legitimate Truist Financial SecureBank App and supposedly needed to complete the process behind a $62 million loan.

Intel execs stressed the importance of secure technologies and solid collaborations to improve product resilience and fuel innovation. The "Chat" was moderated by Suzy Greenberg, vice president of Intel product assurance and security, and the Intel executive panel were Amy Santoni, principal engineer, security architecture and engineering group; Ron Perez, fellow, security architecture, data platform group; Tom Garrison, vice president and general manager of client security strategy and initiatives; and Michael Nordquist, senior director of strategic planning and architecture, client computing group.

Users of video cameras from home gadget maker Eufy are reporting that their video feeds seem to have been getting mixed up. Apparently, it's not so much that anyone could sneakily login as user X and snoop on X's video feed remotely.

Satori, a DataSecOps company revolutionizing data access, security and privacy for the modern data infrastructure, has been named one of 10 finalists for the RSA Conference 2021 Innovation Sandbox Contest for its work democratizing and protecting sensitive data in the cloud using a SaaS-based transparent setup. Satori allows monitoring and governing of data usage and data access in the cloud.

The 12% bump in spending will be driven by ongoing demand for remote workers and cloud security, says Gartner. In a report released Monday, research firm Gartner forecast that global spending on information security and risk management services will jump to $150.4 billion this year, a gain of 12.4% from last year.

Today, the UK government has announced a call for advice on defending against software supply-chain attacks and ways to strengthen IT Managed Service Providers across the country. The move comes after last week when President Biden had issued an executive order to increase cybersecurity defenses across the U.S. The government's invitation to provide feedback that will be open for almost two months comes at a time of prominent cyberattacks such as, the Colonial Pipeline incident, the Codecov supply-chain attack, and ransomware attacks on mission-critical organizations [1, 2] that continue to grow.

The Federal Bureau of Investigation warned that scammers actively target the vulnerable families of missing persons attempting to extort them using information shared on social media. "These actors identify missing persons through social media posts and gather information about the missing person and family to legitimize their ransom demands without ever having physical contact with the missing person," the FBI said.

For a ransomware gang whose servers were purportedly commandeered last week, DarkSide has had a server-fueled weekend, with a reported hit on Toshiba Business. Late on Thursday night came a post to the "Exploit" underground forum that looked, at least, to be from DarkSide.