Security News > 2021 > July

The enterprise asset management space just got a bit more crowded with the launch of Sevco Security, an early-stage startup selling a "Cloud-native security asset intelligence platform." Sevco Security, based in Austin, Texas, has raised $15 million in Series A funding led by SYN Ventures.

A Nevada hospital confirmed its data servers had been breached after a hacking group posted images of personal information online it apparently acquired in a cyber theft. The Las Vegas Review-Journal reported that University Medical Center issued a statement confirming that cybercriminals in mid-June accessed a hospital server used to store data and that law enforcement was investigating.

If you don't like the idea of your Android search history being saved, Jack Wallen wants to show you how to set it to auto-delete. You might not know this, but out of the box, Android retains your search history, which means anyone who gains access to your phone can view what you've searched for.

Cyber insurance isn't exactly driving organisations to improve their infosec practices, a think-tank has warned - and some insurers are thinking of giving up thanks to the impact of ransomware. "To date, the shortcomings of cyber insurance mean that its impact is ultimately more limited than policymakers and businesses might hope," concluded the Royal United Services Institute's latest report, Cyber Insurance and the Cyber Security Challenge.

Cyber insurance isn't exactly driving organisations to improve their infosec practices, a think-tank has warned - and some insurers are thinking of giving up thanks to the impact of ransomware. "To date, the shortcomings of cyber insurance mean that its impact is ultimately more limited than policymakers and businesses might hope," concluded the Royal United Services Institute's latest report, Cyber Insurance and the Cyber Security Challenge.

A Tel Aviv, Israel-based artificial intelligence firm, with a mission to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents, has developed the opposite: an attack against facial recognition systems that can fool the algorithm into misinterpreting the image. "We decided to check how applicable our attack was against large-scale internet applications, and the attack worked surprisingly well on PimEyes."

Accenture Federal Services, the federal business of professional services giant Accenture, is acquiring Novetta, a company that provides advanced analytics services to government organizations in the US. Novetta provides, among other things, various types of cybersecurity services, including vulnerability research, incident response, digital forensics and malware analysis, and threat intelligence. Thrive acquires ONI. US-based managed services provider Thrive acquired UK-based data center services provider ONI. Both companies offer cybersecurity services, among many others.

The National Security Agency warns that Russian nation-state hackers are conducting brute force attacks to access US networks and steal email and files. In a new advisory released today, the NSA states that the Russian GRU's 85th Main Special Service Center, military unit 26165, has been using a Kubernetes cluster since 2019 to perform password spray attacks on US and foreign organizations, including the US government and Department of Defense agencies.

Security researchers at Microsoft are flagging multiple gaping security holes in firmware shipped on NETGEAR routers, warning that exploitation could lead to identity theft and full system compromise. The three vulnerabilities, rated critical by NETGEAR, affect the firmware on NETGEAR DGN-2200v1 series routers.

A study of exposed web-app attack surface reveals that insurance companies are not good at keeping their own security house in order. Kids with sports cars pay high motor insurance premiums and houses built on flood plains have high home insurance premiums.