Security News > 2021

Ayla Networks announced general availability of its Fast Track program, aimed at simplifying IoT projects to help OEMs launch new connected products in a fraction of time. Fast track speeds time to market for smart, connected products.

Two vulnerabilities in a crowdsourced location-tracking system that helps users find Apple devices even when they're offline could expose the identity of users, research claim. Offline Finding, a proprietary app introduced by Apple in 2019 for its iOS, macOS and watchOS platforms, enables the location of Apple devices even if they aren't connected to the internet.

SailPoint announced the appointment of Heather Gantt-Evans as the company's new Chief Information Security Officer. In this role, Heather will be responsible for the overall cybersecurity of SailPoint's products, systems, and data as the company continues its global expansion.

Has your password been compromised? Are you certain? If you're a Google Chrome user, you know there's a feature that will inform you if your password has been stolen and should be changed. With this new Android Password Checkup feature, you can stay in the know about when it's time to change a password.

Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. In addition to images captured from the cameras, the hacker also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ. According to Tillie Kottmann, a reverse engineer for the group of hackers, they gained access to these surveillance systems using a super admin account for Verkada, a surveillance company who works with all of these organizations.

Microsoft has released its regularly scheduled March Patch Tuesday updates, which address 89 security vulnerabilities overall. Included in the slew are 14 critical flaws and 75 important-severity flaws.

A week after Microsoft warned that four zero-day flaws and three others in its Exchange Server were being actively exploited and issued out-of-band remediation, the cloudy Windows biz has delivered software fixes to address 82 other vulnerabilities as part of its monthly Patch Tuesday ritual. Microsoft says two of these vulnerabilities are publicly known and five are under active exploitation.

Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. "The parallels between Dark Web markets and standard consumer markets continue to grow," Hoffman said.

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. The same sources who shared those figures say the victim list has grown considerably since then, with many victims compromised by multiple cybercrime groups.

Adobe has issued patches for a slew of critical security vulnerabilities, which, if exploited, could allow for arbitrary code execution on vulnerable Windows systems. Affected products include Adobe's Framemaker document processor, designed for writing and editing large or complex documents; Adobe's Connect software used for remote web conferencing; and the Adobe Creative Cloud software suite for video editing.