Security News > 2021

A prolific North Korean state-sponsored hacking group has been tied to a new ongoing espionage campaign aimed at exfiltrating sensitive information from organizations in the defense industry. The next-stage malware functions by embedding its malicious capabilities inside a Windows backdoor that offers features for initial reconnaissance and deploying malware for lateral movement and data exfiltration.

Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure Multi-Site Orchestrator that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. Separately, the company also patched multiple flaws in Cisco Application Services Engine that could grant a remote attacker to access a privileged service or specific APIs, resulting in capabilities to run containers or invoke host-level operations, and learn "Device-specific information, create tech support files in an isolated volume, and make limited configuration changes."

The Terraform open-source infrastructure leverages the predefined policies and standards definitions built into the Cavirin security and compliance solution. Finally, Cavirin has introduced a new Cybersecurity Maturity Model assessment policy that enables defense suppliers to evaluate their cloud/compute systems for CMMC compliance.

RiskRecon marked the expansion of its cybersecurity risk monitoring to 3.9 million companies globally. The essential insights into the health of digital ecosystems delivered by RiskRecon enables its clients to easily understand and act on their cybersecurity risks.

Paysafe is leveraging technology from Snowflake to achieve meaningful data insights and deliver more informed and enhanced customer experiences by tapping into Artificial Intelligence and Machine Learning data models. As well as supporting Paysafe's identification of consumer trends, the personalisation of its services, fraud prevention and Know Your Customer initiatives, the data models powered by Snowflake's platform will also help to inform the company's new product developments.

CyberLink announced a partnership integrating its facial recognition software development kit FaceMe into Vypin eScreener kiosks. Vypin launched the Vypin eScreener kiosk with the latest in automated screening technology to promote health and safety without sacrificing the employee or customer experience.

This integration streamlines secure business operations for MSPs, allowing them to access their Autotask PSA account from within the ThreatLocker portal. ThreatLocker addresses these concerns, protecting against ransomware, viruses, and other malicious software, integrating seamlessly with Autotask PSA, which combines all the mission-critical tools MSPs need to operate a successful business.

Very Good Security has further cemented its commitment to securing the world's information by empowering organizations to prepare for their first SOC 2 audits completely free with VGS Control. VGS employs a fundamentally different approach to data security and compliance, which drastically improves an organization's ability to seek and maintain SOC 2 compliance using VGS Control.

The funds will be used to accelerate product development and global market expansion for the company's cyber attack infrastructure identification and blocking technology. "HYAS turns the table on attackers by exposing and blocking their infrastructure, and communication channels," said Dave Ratner, CEO, HYAS. "This new round of financial support and the deep expertise of our new and existing partners will help us accelerate the execution of our vision on a global scale."

Microsoft is believed to be working on a new virtualized desktop experience called 'Cloud PC' to help administrators deploy and manage Windows 10 PCs in the cloud via web browser, mobile app or another PC. Cloud PC will also allow Microsoft to handle your organization's device configuration by applying updates security improvements regularly, and offer managed support. Cloud PC is based on Azure and Windows Virtual Desktop and it won't replace any version of Windows.