Security News > 2021

Microsoft is force installing a Windows 10 update that removes the embedded 32-bit version of Adobe Flash Player from the operating system. In October, we reported that Microsoft had released the KB4577586 optional update to remove the embedded 32-bit Flash Player from Windows and prevent it from being installed again.

Tom Merritt lists five things to know about adversarial attacks. Adversarial attacks use machine learning against machine learning by creating images, text or audio, that thwarts other algorithms from performing as expected.

"If you want to build a new BI product, the first feature you build is export to Excel," jokes Arun Ulag, CVP of Microsoft Power BI. "People want to be able to work with data in the tools that they use." he adds. So Power BI will now use sensitivity labels from Microsoft Information Protection to protect information in Power BI Desktop, in the Power BI service and when reports are exported to Excel, PowerPoint or PDF. This will allow you to use the same data security policy, compliance and auditing tools for Power BI as for Office.

Machine learning is helpful to many organizations in the tech industry, but it can have a downside. Tom Merritt lists five things to know about adversarial attacks.

Analyzing data from the U.S. Department of Health and Human Services, threat protection company Bitglass found that the count of healthcare breaches reported in 2020 increased to 599, a jump of more than 50% compared to the previous year. Most of the breaches were caused by hacking and IT incidents, which exposed data from 24.1 million individuals, making them vulnerable to identity theft and phishing attacks.

Centreon, the maker of the IT monitoring software exploited by Russian state hackers to infiltrate French companies' networks, said today that only organizations using obsolete software were compromised. Today's Centreon press release comes after a report released on Monday by ANSSI, the French national cyber-security agency, describing a series of attacks that resulted in multiple French IT providers getting breached over four years.

Red Canary, a Denver, Colo.-based managed detection and response firm, has raised $81 million through a Series C founding round led by Summit Partners. The provider of SaaS-based security operations solutions has now raised more than $125 million to-date, with the new funding being used to support product and personnel expansion.

Details of a flaw in Apple's Safari browser, publicly disclosed Tuesday, outline how the cybergang known as ScamClub reached 50 million users with a three-month-long malicious ad campaign pushing malware to mobile iOS Chrome and macOS desktop browsers. Impacted was Apple's Safari browser running on macOS Big Sur 11.0.1 and Google's iOS-based Chrome browser.

Researchers at cybersecurity firm FireEye have analyzed a gateway device used for solar energy installations, and discovered vulnerabilities that could be useful to malicious hackers. FireEye conducted its research on a version of the device offered by Tesla under the SolarCity brand - Tesla acquired solar panel maker SolarCity in 2016.

If you think your backup strategy means you're protected from the worst that cyber-criminals can throw at you, we've got some bad news. If you are unlucky enough to get a "Pay up or else" notice, there's a very good chance that the attacker in question has already been stealthily working their way through your systems for some time, ensuring your recovery data has already been comprehensively trashed.