
Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)
2021-09-14 08:53

Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities that are being exploited in attacks in the wild. Active exploitation of CVE-2021-30860, an integer overflow bug that could be exploited via a maliciously crafted PDF to achieve execution of malicious code on vulnerable devices, was flagged by researchers with The Citizen Lab, an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada.

ExpressVPN bought for $1bn by Brit biz with an intriguing history in adware
2021-09-14 07:39

UK-headquartered Kape Technologies announced on Monday it has acquired ExpressVPN in a $936m cash and stocks deal, a move it claims will double its customer base to at least six million. In a canned statement, Kape said combining the two companies would "create a premium consumer privacy and security player," and that the acquisition "further positions Kape to define the next generation of privacy and security protection tools and services to return greater control over the digital sphere to consumers."

ExpressVPN bought for $1bn by Brit biz with an... interesting history in ad-tech
2021-09-14 07:39

UK-headquartered Kape Technologies announced on Monday it has acquired ExpressVPN in a $936m cash and stocks deal, a move it claims will double its customer base to at least six million. In a canned statement, Kape said combining the two companies would "create a premium consumer privacy and security player," and that the acquisition "further positions Kape to define the next generation of privacy and security protection tools and services to return greater control over the digital sphere to consumers."

New Stealthier ZLoader Variant Spreading Via Fake TeamViewer Download Ads
2021-09-14 06:43

Users searching for TeamViewer remote desktop software on search engines like Google are being redirected to malicious links that drop ZLoader malware onto their systems while simultaneously embracing a stealthier infection chain that allows it to linger on infected devices and evade detection by security solutions. First discovered in 2016, ZLoader is a fully-featured banking trojan and a fork of another banking malware called ZeuS, with newer versions implementing a VNC module that grants adversaries remote access to victim systems.

New SpookJS Attack Bypasses Google Chrome’s Site Isolation Protection
2021-09-14 06:14

A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections woven into Google Chrome and Chromium browsers and leak sensitive data in a Spectre-style speculative execution attack. Dubbed "Spook.js" by academics from the University of Michigan, University of Adelaide, Georgia Institute of Technology, and Tel Aviv University, the technique is a JavaScript-based line of attack that specifically aims to get around barriers Google put in place after the Spectre and Meltdown vulnerabilities came to light in January 2018, thereby potentially preventing leakage by ensuring that content from different domains is not shared in the same address space.

Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
2021-09-14 06:13

Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetration testing tool - codenamed "Vermilion Strike" - marks one of the rare Linux ports of what has traditionally been a Windows-based red team tool heavily repurposed by adversaries to mount an array of targeted attacks.

Three ways to keep your organization safe from cyberattacks
2021-09-14 06:00

For CISOs, juggling the vast scale of a tech stack and the attackers using increasingly sophisticated techniques calls for a new approach to security to keep systems, data, and devices safe. We get alerts from our development platforms, the Continuous Integration system, the security monitoring tools, even our watches.

OSI Layer 1: The soft underbelly of cybersecurity
2021-09-14 05:30

Layer 1 of the OSI model has become a fertile ground for attacks and, effectively, the soft underbelly of cybersecurity. Cyberattacks on the physical, hardware level happen when a disgruntled employee plants a rogue device within the organization's infrastructure and runs off with his now-former company's proprietary information.

Healthcare cybersecurity: How to prevent the compromise of patient records?
2021-09-14 05:00

The 616 data breaches reported this past year to the US Department of Health & Human Services have resulted in the exposure / compromise of 28,756,445 healthcare records. "The effects of Covid-19, including hospitals at capacity and employee strain, have left the healthcare industry especially vulnerable. Some of the biggest threats to PHI include phishing and ransomware attacks, but also human error, a lag in network security, and blind spots in email encryption."

How to evaluate the security risk of your databases
2021-09-14 04:30

This article can help you quantify the level of security of your databases on a scale of 1 to 10. Rating 2 is for databases where both the database and operating system are configured by following industry standards and best practices.