Security News > 2021

With regards your question, I'm going to answer it in a bit more depth as there is a lot many realy do not realise both from a defenders and attackers point of view. The level of the attack signal rises and the level of the signals uncorrelated with the Zero Day attack go down do not remain covery long when you can "Go back in time" repeatedly with "Collect it All" databases.

Container security firm Aqua Security on Wednesday announced that it has raised $135 million in a Series E funding round at a valuation that exceeds $1 billion, which makes the company a "Unicorn." Since it was founded in 2015, Aqua Security has raised a total of $265 million.

A report released Wednesday by password manager NordPass looks at the repercussions of weak passwords and suggests ways to improve your password hygiene. Employees in some industries turned to their own specific types of weak passwords.

SAP's March 2021 Security Patch Day updates include 9 new security notes, including two for critical vulnerabilities affecting the company's NetWeaver Application Server and Manufacturing Integration and Intelligence products. This month's set of patches also includes 4 updates to previously released Patch Day security notes, including updates for two notes rated Hot News, which address a missing authorization check in Solution Manager and deliver the latest patches for the Chromium browser in Business Client.

Police have issued a tender to replace their CyberAlarm tool following reporting by The Register and infosec researchers revealing security flaws in the logging software. Detective chief superintendent Andrew Gould, the NPCC's cybercrime lead and "Owner" of CyberAlarm, told The Register in a statement: "Due to the growing demand for Police CyberAlarm from businesses across the country, further funding for the project has been secured from the Home Office for another 12 months following the government's latest one-year spending review. As per procurement regulations we are required to conduct a new competitive tender to identify a supplier for the new 12-month contract."

Security researchers have identified multiple vulnerabilities in ProSAFE Plus JGS516PE and GS116Ev2 business switches from Netgear, the most severe of which could allow a remote, unauthenticated attacker to execute arbitrary code. A total of 15 vulnerabilities affecting Netgear switches that use the ProSAFE Plus configuration utility were found to expose users to various risks, according to researchers with IT security firm NCC Group.

Cybersecurity researchers on Wednesday shed light on a new sophisticated backdoor targeting Linux endpoints and servers that's believed to be the work of Chinese nation-state actors. RedXOR's name comes from the fact that it encodes its network data with a scheme based on XOR, and that it's compiled with a legacy GCC compiler on an old release of Red Hat Enterprise Linux, suggesting that the malware is deployed in targeted attacks against legacy Linux systems.

In a major unprecedented incident, data centers of OVH located in Strasbourg, France have been destroyed by fire. Customers are being advised by the company to enact their disaster recovery plans after the fire has rendered multiple data centers unserviceable, impacting websites around the world.

You might think not seeing too much of your cybersecurity colleagues is a good thing - it means everything is going smoothly, doesn't it? Or it could be that your security team is worrying short-handed. Research by CyberSecurity Ventures predicted 3.5 million cybersecurity jobs will go unfulfilled globally this year.

According to Gartner, cloud adoption will only accelerate as we move into 2021, with cloud services revenue climbing more than 19%. However, all of this change creates a totally different set of work streams and security challenges. Organizations must assess what controls cloud services providers offer in order to understand the security risks and challenges.