Security News > 2021 > June

Google Compute Engine virtual machines can be hijacked and made to hand over root shell access via a cunning DHCP attack, according to security researcher Imre Rad. Though the weakness remains unpatched, there are some mitigating factors that diminish the potential risk. A successful attack involves overloading a victim's VM with DHCP traffic so that it ends up using a rogue attacker-controlled metadata server, which can be on the same network or on the other side of the internet.

To capitalize on that growth, and enable 5G to scale up to its potential, communication service providers are leveraging iconectiv TruOps Common Language to ensure that their physical and virtual infrastructure can support all of the new 5G services at scale. Now, iconectiv is bringing that expertise to our new partnership with the 5G Open Innovation Lab, which focuses on fueling the development of new capabilities and services that will transform the enterprise.

McAfee and CenturyLink announced that CenturyLink has selected McAfee to provide complete home digital protection for new customers of the company's leased modems. For qualifying CenturyLink consumer and small business customers, innovative protection from McAfee is now available as soon as they plug their modem into the wall and connect to the internet, providing them with strong protection for their internet connected devices.

BioConnect announced a collaboration with HID Global to bring authentication to its HID Mobile Access solution alongside a mobile survey option for wellness declaration for employee health status and activity logging. BioConnect expands the options for HID Mobile Access users with enterprise issued biometrics or multi-factor authentication right from their mobile device with the BioConnect Mobile Authenticator to meet new and more stringent compliance requirements.

An unpatched security vulnerability affecting Google's Compute Engine platform could be abused by an attacker to take over virtual machines over the network. "This is done by impersonating the metadata server from the targeted virtual machine's point of view," security researcher Imre Rad said in an analysis published Friday.

Huawei launched a series of 5G products and solutions oriented to "1+N" 5G target networks. Supercharged by innovation, these products and solutions will help promote multi-antenna technology to all bands and all scenarios to build leading 5G networks.

Accenture has acquired Sentor, a Sweden-based independent provider of cyber defense and managed security services. The company's portfolio includes advisory services, security testing, managed detection and incident-response capabilities, powered by a 24/7/365 security operations center in Stockholm.

JFrog has accelerated its efforts to provide security offering to support DevOps users as they respond to the disruption in the market for continuous software delivery. As part of the JFrog Platform, Vdoo will accelerate JFrog's vision of becoming the company behind all software updates and creating a world of Liquid Software by expanding its end-to-end DevOps Platform offering, providing holistic security from the development environment all the way to edges, IoT and devices.

New issues pop up in every new release of Windows, so it's not surprising that we will find numerous bugs in the early preview builds of Windows 11. Thankfully, most of the bugs have been pretty easy to fix so far and should get you back up and running playing with Windows 11.

IntelePeer accelerated its channel strategy with the appointment of Brent Earlewine to Senior Vice President of Indirect Channels and Vincent Zandvliet to Senior Vice President Alliances - IBM Business. Two major additions to its growing executive team, both bring decades of invaluable experience, insight and talent to both IntelePeer and its customers.