Security News > 2021 > September

Over a decade after the zero trust security concept was first introduced, Ericom's survey results indicate that zero trust solutions are being widely adopted. Spurred by the recent sharp increase in ransomware and other sophisticated cyberattacks, the majority of organizations - 80% - have concrete plans to enable zero trust security solutions within the next year, with over half planning to begin implementation during 2021.

A spam campaign delivering spear-phishing emails aimed at South American organizations has retooled its techniques to include a wide range of commodity remote access trojans and geolocation filtering to avoid detection, according to new research. Cybersecurity firm Trend Micro attributed the attacks to an advanced persistent threat tracked as APT-C-36, a suspected South America espionage group that has been active since at least 2018 and previously known for setting its sights on Colombian government institutions and corporations spanning financial, petroleum, and manufacturing sectors.

Ransomware remains primary threat in the first half of the year as cybercriminals continued to target big-name victims. Working with third parties to gain access to targeted networks, they used Advanced Persistent Threat tools and techniques to steal and encrypt victims' data.

Amidst ongoing pandemic-driven change at work and at home, a SolarWinds survey seeks to understand how tech pros feel about their daily roles and responsibilities, the lessons they learned over the past year, and what they think of the primary technical and nontechnical skills needed to capitalize on opportunities for their future career growth. After a year of challenges and change, tech pros responding to this year's survey report a positive perception of their roles and say they look forward to what lies ahead. 48% of tech pro respondents say they're proud of what they do, another 44% love what they do, and 41% believe this year has proven they're more capable than they realized.

15% of organizations are still using a combination of disk and tape backups, with 51% now using online or cloud backups, a research by Databarracks has revealed. Cloud and online backups gaining popularity Cloud and online backups have continued to increase in popularity, climbing from 23% in 2008 to 51% in 2021.

How are businesses learning, collaborating, and applying industry best practices? The half-day SecTalks 2021 virtual cybersecurity conference will look at how to quantify security ROI, major vulnerabilities and threats, and proven strategies to evolve, improve and level up. Speakers will explore practical examples and share tips on how to effectively represent security in wider business conversations.

Douyin, the Chinese app known as TikTok outside the Middle Kingdom, has imposed limits on usage time for kids. In a weekend post to Tencent-operated portal qq.com, Douyin's owner ByteDance revealed that it has moved all users who have authenticated with their real names, and are under 14 years of age, into "Youth mode".

Google on Friday said it's bringing an Android 11 feature that auto-resets permissions granted to apps that haven't been used in months, to devices running Android versions 6 and above. The expansion is expected to go live later this year in December 2021 and enabled on Android phones with Google Play services running Android 6.0 or higher, which the company said should cover "Billions more devices." Google officially released Android 6.0 Marshmallow on October 5, 2015.

A newly spotted banking trojan has been caught leveraging legitimate platforms like YouTube and Pastebin to store its encrypted, remote configuration and commandeer infected Windows systems, making it the latest to join the long list of malware targeting Latin America after Guildma, Javali, Melcoz, Grandoreiro, Mekotio, Casbaneiro, Amavaldo, Vadokrist, and Janeleiro. " interesting new techniques to the pool of Latin American banking trojans' tricks, like using seemingly useless ZIP archives or bundling payloads with decoy BMP images," ESET researchers said in a technical analysis published on Friday.

A new Elon Musk-themed cryptocurrency giveaway scam called the "Elon Musk Mutual Aid Fund" or "Elon Musk Club" is being promoted through spam email campaigns that started over the past few weeks. Before you dismiss these scams, saying that no one falls for them, similar crypto scams have been hugely successful and have generated hundreds of thousands of dollars in the past.