Security News > 2021

Leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware attack from conversations with customers. In email templates provided by PrismHR, PEOs are telling clients that PrismHR "Is currently experiencing an interruption of service impacting over 200 PEOs across the United States."

The Perl.com domain was hijacked in January 2021, but hackers seemingly took control of it four months prior, in September 2020. Serving articles about the Perl programming language since 1997 and managed by The Perl Foundation, the domain started pointing to a parked site at the end of January, with evidence suggesting connections to sites distributing malware.

Given the danger that arises as soon as the crooks sneak into your network, it's as important to learn how malware gets delivered in the first place as it is to know what happens to your files when ransomware finally scrambles them. The Gootkit malware family has been around more than half a decade - a mature Trojan with functionality centered around banking credential theft.

Countless small businesses turn to PEOs in part because they simplify compliance with various state payroll taxes, and because PEOs are the easiest way for small businesses to pool their resources and obtain more favorable health insurance rates for their employees. In a notice sent to its PEO partners, PrismHR said it detected suspicious activity within its networks on Feb. 28, and that it disabled access to its platform for all users in an effort to contain the security incident.

Whether to pay ransom in order to unlock hijacked data or stop a Distributed Denial of Service attack is a hot topic right now. What to consider when deciding whether to pay a ransomware demand.

Android 11 allows users to enable the Wi-Fi-Enhanced MAC randomization. Jack Wallen shows you how.

The time for Disabled or Permissive SELinux settings is over. The only difference between Disabled and Permissive is that Permissive keeps SELinux running and logs Access Vector Cache actions.

Malaysia Airlines has suffered a data breach spanning nine yearsof data that exposed the personal information of members in its Enrich frequent flyer program. Starting yesterday, Malaysia Airlines began emailing members of their Enrich rewards program to disclose that they were affected by a data breach.

The jailbreak-which UnC0ver said works on iOS versions 11.0 to 14.3-exploits the kernel vulnerability CVE-2021-1782, one of three iOS flaws for which Apple released an emergency update, iOS 14.4, last month. Anyone with a device running 14.3 or earlier version of iOS can use the tool to hack into their iPhone, according to UnC0ver.

SolarWinds has reported expenses of $3.5 million from last year's supply-chain attack, including costs related to incident investigation and remediation. Further expenses were recorded by SolarWinds after paying for legal, consulting, and other professional services related to the December hack and provided to customers for free.