Security News > 2021

Boston-based developer security firm Snyk on Wednesday announced that it has raised $300 million in a Series E funding round that values the company at $4.7 billion. Snyk became a cybersecurity unicorn in January 2020, when it announced raising $150 million in Series C financing.

The potentially devastating hack of Microsoft email servers, the second major cyberattack in months, adds pressure to the Biden administration as it weighs options for "Hacking back" or other moves to protect cyberspace. The latest hack exploiting flaws in Microsoft Exchange service is believed to have affected at least 30,000 US organizations including local governments and was attributed to an "Unusually aggressive" Chinese cyberespionage campaign.

A team of researchers from universities in the United States, Australia and Israel has demonstrated that attackers could launch browser-based side-channel attacks that do not require JavaScript, and they've tested the method on a wide range of platforms, including devices that use Apple's recently introduced M1 chip. The researchers - representing the Ben-Gurion University of the Negev, the University of Michigan and the University of Adelaide - have published a paper on what they have described as the first browser side-channel attack that uses only CSS and HTML, and works even if JavaScript is completely disabled.

A series of police raids in Belgium have resulted in the apparent shutdown of the Sky ECC encrypted mobile phone network. As the second major encrypted phone network to be shut down by police in Europe, Sky ECC's seeming downfall has parallels with the Encrochat story, where French and Dutch police man-in-the-middle'd the encrypted phone network on suspicion it was being used mainly by organised criminals.

Hackers claim to have breached Silicon Valley startup Verkada to gain unauthorized access to live feeds of 150,000 security cameras. The breach represents a broad vision of the privacy and security violations that can occur if video surveillance footage falls into the wrong hands.

More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon. Exchange servers attacked by multiple hacking groups.

A report released Wednesday by data management firm Veritas revealed how employees are sharing company data while working remotely and offers advice on how businesses can regain control of that data. Among the respondents, 71% admitted to sharing sensitive and business-critical company data using messaging and collaboration tools.

The systems of SEPE, the Spanish government agency for labor, were taken down following a ransomware attack that hit more than 700 agency offices across Spain. SEPE director Gerado Guitérrez confirmed that the agency's network systems were encrypted by Ryuk ransomware operators after the incident.

Cyber insurance provider Corvus on Wednesday announced that it has raised $100 million in a Series C funding round. To date, the company has raised a total of $147 million.

A US hacker collective on Tuesday claimed to have tapped into footage from 150,000 security cameras at banks, jails, schools, carmaker Tesla and other sites to expose "The surveillance state." Images captured from hacked surveillance video were posted on Twitter with an #OperationPanopticon hashtag.