Security News > 2021

A major French software firm allegedly targeted by Russian hackers denied Tuesday that its major clients could have been affected by the attack. Centreon, which lists blue-chip French firms from Airbus to Total among its users, was named in a report by the French national cybersecurity agency ANSSI late Monday.

The 2021 State of Malware Report from Malwarebytes found that cybercriminals are learning from the past to build smarter software and starting to modularize their products to make distribution easier. The report examined what malware was most active during 2020, as well as trends in attacks on specific devices such as Android phones and Mac laptops.

Unknown hackers - possibly the Sandworm APT - have been compromising enterprise servers running the Centreon monitoring software for over three years, the French National Cybersecurity Agency has shared on Monday. The hackers exploited public-facing Centreon installations to gain access to the underlying system, and used that access to spread laterally through the target organizations' networks.

Researchers have discovered several vulnerabilities in the SHAREit Android application, including flaws that could expose sensitive user data and allow remote code execution. SHAREit, originally made by Chinese tech giant Lenovo, is a popular cross-platform file sharing app currently developed by Smart Media4U Technology.

Interesting story about a barcode scanner app that has been pushing malware on to Android phones. A rash of malicious activity was recently traced back to the app.

North Korean hackers tried to break into the computer systems of pharmaceutical giant Pfizer in a search for information on a coronavirus vaccine and treatment technology, South Korea's spy agency said Tuesday, according to reports. The impoverished, nuclear-armed North has been under self-imposed isolation since closing its borders in January last year to try to protect itself from the virus that first emerged in neighbouring China and has gone on to sweep the world, killing more than two million people.

France's Agence nationale de la sécurité des systèmes d'information, the nation's cyber-security agency, has identified a years-long campaign to infiltrate IT monitoring platform Centreon. Centreon claimed that Centreon is a spiffing open-source IT monitoring tool.

MITRE ATT&CK helps understand attacker behavior. The MITRE ATT&CK framework is a well known and widely used knowledge base of cyber adversary tactics, techniques and procedures, and is based on observations on real-world attacks.

Security policies governing remote working and secure access were either scaled up or slapped together in an ad hoc fashion to keep operations going, but they often interfered with worker productivity. The problems with unanticipated demand for secure remote work.

Cynet recently published an 8-min video detailing their platform, the Cynet 360 Autonomous XDR Platform. In their video, Cynet specifically focuses on managed service partners, showing the security and business benefits that the platform provides.