Security News > 2021

The National Security and Defense Council of Ukraine is accusing threat actors located on Russia networks of performing DDoS attacks on Ukrainian government websites since February 18th. The National Coordination Center for Cybersecurity at the NSDC state that these DDoS attacks have been massive and have targeted government websites in the defense and security sector. While Ukraine did not directly accuse Russia of the denial of service attacks, they stated that the attackers' IP addresses were located on Russian networks.

Linux Mint founder Clem Lefebvre has complained that too many users are slow to apply updates or run unsupported versions of the operating system. Linux Mint does not collect telemetry data from users, but used Yahoo! users as a sample to inspect the user agent of Linux Mint traffic - information sent from the browser with every request.

Transport for NSW, which is the main transport and roads agency in New South Wales, Australia, and NSW Health, the state's ministry of health, are the latest confirmed victims of a cyber-attack targeting Accellion's FTA file transfer service. Transport for NSW says that some information was stolen before the attack on Accellion servers was interrupted and that an investigation is ongoing, but did not provide further details on the matter.

Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted organizations. Accellion has also confirmed on Monday that "Out of approximately 300 total FTA clients, fewer than 100 were victims of the attack."

Today, developers at small or large companies use package managers to download and import libraries that are then assembled together using build tools to create a final app. For these apps, companies will often use private libraries that they store inside a private package repository, hosted inside the company's own network.

Silicon Valley-based venture capital giant Sequoia Capital informed investors last week that their information may have been compromised in a data breach. Axios, which broke the news on Saturday, said investors were told that some of their personal and financial information may have been accessed after a Sequoia employee fell victim to an email phishing attack.

A group of influential technology and media companies has partnered to form the Coalition for Content Provenance and Authenticity, a Joint Development Foundation project established to address the prevalence of disinformation, misinformation and online content fraud through developing technical standards for certifying the source and history or provenance of media content. C2PA member organizations will work together to develop content provenance specifications for common asset types and formats to enable publishers, creators and consumers to trace the origin and evolution of a piece of media, including images, videos, audio and documents.

Thirteen years, one institutional investor and two acquisitions later, it offers a unified platform that helps general counsel and chief legal officers manage challenges related to e-discovery, data privacy compliance obligations, Data Subject Access Rights, digital forensic investigation and so on. Legal plays a critical role in ensuring that all compliance obligations are met, and overall risk to the organization is mitigated.

While businesses have continued to fortify their networks against remote invaders, most have overlooked the potential for cyber threats from physical intruders. While such attacks are extremely rare in comparison to the endless virtual attacks launched every day, physical security gaps can allow threat actors to circumvent otherwise strong defenses to inflict serious damage.

Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests. Among a popular vector for cybercriminals is the supply chain as it allows malicious actors to propagate multiple downstream targets from a single intrusion.