Accenture acquires Edenhouse to support clients in their digital transformation journey
2021-02-17 00:30

The acquisition will further enhance Accenture's capabilities to support clients in their digital transformation journey. Edenhouse's SAP specialists have a broad breadth of technical knowledge, coupled with deep industry and line of business experience - spanning on-premise and cloud-based solutions - to help clients unleash the full power of SAP solutions and get increased value from their investments.

AdaCore acquires Componolit to expand its market share in Germany
2021-02-17 00:00

AdaCore announces the acquisition of Componolit, effective as of February 1, 2021. The acquisition of Componolit will provide AdaCore with a further foothold to expand its growing market share in Germany where the requirement for high-assurance software is increasing rapidly. Componolit technology will also bring new capabilities to AdaCore's suite of automated testing and static analysis tools.

Palo Alto Networks acquires Bridgecrew to enable “shift left” security
2021-02-16 23:30

Palo Alto Networks has made key bets around the shift to cloud and the need for integrated best-in-class security. Today Palo Alto Networks is making a further bet that cloud security must "shift left," with security increasingly performed during the DevOps process.

LastPass to limit fans of free password manager to one device type only – computer or mobile – from next month
2021-02-16 23:27

The free version of LastPass - which people use to store passwords, notes, credit card details and so on - currently works across devices; a single login will give you access to all the associated data. From March 16, users will be required to choose which "active device type" they want to use for the free service.

Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites
2021-02-16 23:11

A malvertising group known as "ScamClub" exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites hosting gift card scams. The attacks, first spotted by ad security firm Confiant in late June 2020, leveraged a bug that allowed malicious parties to bypass the iframe sandboxing policy in the browser engine that powers Safari and Google Chrome for iOS and run malicious code.

Complaint Blasts TikTok’s ‘Misleading’ Privacy Policies
2021-02-16 22:00

An umbrella group comprising 44 consumer-privacy watchdog organizations has filed a complaint against TikTok, saying the wildly popular video-sharing platform has "misleading" data-collection policies. "TikTok does not clearly inform its users, especially children and teenagers, about what personal data is collected, for what purpose and for what legal reason," said the BEUC, in a report released Tuesday, along with the complaint.

Hackers Exploit IT Monitoring Tool Centreon to Target Several French Entities
2021-02-16 21:47

The Russia-linked, state-sponsored threat actor known as Sandworm has been linked to a three-year-long stealthy operation to hack targets by exploiting an IT monitoring tool called Centreon. The intrusion campaign - which breached "several French entities" - is said to have started in late 2017 and lasted until 2020, with the attacks particularly impacting web-hosting providers, said the French information security agency ANSSI in an advisory.

Let’s Encrypt Gears Up to Replace 200M Certificates a Day
2021-02-16 21:47

Let's Encrypt just announced an infrastructure makeover which means the open certificate authority is able to re-issue up to 200 million certificates in a 24-hour period, something the service said could be necessary in "some of the worst scenarios." The upgrade comes a year after Let's Encrypt was compromised by a Certificate Authority Authorization bug and was forced to revoke 3 million Transport Layer Security certificates on a single day, March 4, potentially leaving the sites behind them insecure or unavailable.

DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence
2021-02-16 21:27

"A surge in cryptocurrency costs may have prompted cybercriminals to re-profile some botnets so that the command-and-control servers typically used in DDoS attacks could repurpose infected devices and use their computing power to mine cryptocurrencies instead," researchers said. DDoS of course didn't go away - as people spent more time online in 2020, researchers observed a corresponding spike in DDoS attacks for most of the year.

Microsoft releases Azure Firewall Premium in public preview
2021-02-16 21:20

Microsoft has announced that the new Premium tier for its managed cloud-based network security service Azure Firewall has entered public preview starting today. The Azure Firewall Premium public preview adds new capabilities required by highly sensitive and regulated environments.