Security News > 2021

Recently patched Microsoft Exchange vulnerabilities are under fire from at least 10 different advanced persistent threat groups, all bent on compromising email servers around the world. Microsoft said in early March that it had spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server.

Netgear has released a swathe of security and firmware updates for its JGS516PE Ethernet switch after researchers from NCC Group discovered 15 vulnerabilities in the device - including an unauthenticated remote code execution flaw. The switch is vulnerable to nine high-severity vulns and a further five medium-rated ones, said NCC Group IT security consultant Manuel Ginés Rodriquez in a damning blog post about his findings.

Cloud data governance and security solutions provider Privacera this week announced that it has closed a $50 million Series B funding round, roughly half a year after raising $13.5 million in a Series A round. Founded in 2016 by the creators of Apache Ranger, Privacera plans to use the new funds to accelerate its go-to-market strategy and extend its portfolio to support multiple cloud services.

Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group. The latter fact provides a clue that RedXOR is utilized in targeted attacks against legacy Linux systems, noted researchers.

After a breach at a Florida treatment facility, tap water security is front and center. After a cyberattack on a Florida treatment facility, conversations surrounding tap water security are front and center for IT teams and H2O-quaffing humans alike.

CISA officials said that, so far, there is no evidence of US federal civilian agencies compromised during ongoing attacks targeting Microsoft Exchange servers. "At this point in time, there are no federal civilian agencies that are confirmed to be compromised by this campaign," Eric Goldstein, CISA executive assistant director for cybersecurity, said in a testimony before the Homeland Security Subcommittee.

Industrial cybersecurity firm Claroty this week disclosed technical details for two potentially serious vulnerabilities affecting PowerLogic smart meters made by Schneider Electric. PowerLogic is a line of revenue and power quality meters that are used not only by utilities, but also industrial companies, healthcare organizations, and data centers for monitoring electrical networks.

FIN8 is a financially motivated threat group whose typical mode of attack has been to steal payment-card data from point-of-sale environments, particularly those of retailers, restaurants and the hotel industry. Bitdefender has recently identified specific attacks on seven targets during its monitoring of the command-center infrastructure used in previous FIN8 attacks.

Sigstore could eliminate the headaches associated with current software signing technology through public ledgers. The Linux Foundation, in partnership with Red Hat, Google and Purdue University, has announced a new digital signing project, potentially eliminating many of the headaches that come with securing open source software, files, images and binaries.

Venture funding continues to flow this week, with extended detection and response firm Cynet adding $40 million to its coffers via a Series C funding round led by Greenfield Partners. Founded in 2015, Cynet offers an autonomous XDR platform designed to help organizations of all sizes detect threats and respond to incidents by automating monitoring, attack prevention and detection, and response orchestration capabilities.