mHealth apps consistently expose PII and PHI through APIs
2021-02-12 05:00

The Knight Ink vulnerability research study details findings, and also notes that the results are particularly worrisome given the increased reliance on mHealth apps during the global pandemic, which in turn is drawing threat actors to mHealth apps as an attack surface of choice. "Observers with Pew Research noted that mHealth apps are now generating more user activities than other mobile device apps such as online banking and job searching. Observers also note that patient IDs and PHI are more lucrative in dark web markets than credit card data."

2020 vulnerability disclosures on track to exceed those from 2019
2021-02-12 04:30

2020 vulnerability disclosures are on track to exceed 2019 despite a sharp decrease of 19.2% observed earlier in the year, according to Risk Based Security. Despite the initial disruption from COVID-19, the trend in the total number of vulnerabilities suggests that business operations and routines have normalized, as the gap has closed to 0.98%. "2020 could be titled 'The Great Catch-up'. We saw an incredible drop of 19.2% in Q1, but with each subsequent quarter that massive gap steadily closed," commented Brian Martin, VP of Vulnerability Intelligence at Risk Based Security.

Researchers spot massive increase in RDP attack attempts
2021-02-12 04:00

The COVID-19 pandemic continued to influence the cybercrime landscape in 2020, ESET reveals. Most notably, the new attack surface created by the shift to work from home brought further growth of Remote Desktop Protocol attacks, albeit at a slower rate compared to previous quarters.

New Relic Explorer gives engineers visibility into their complete estate
2021-02-12 03:00

New Relic introduced New Relic Explorer, its reimagined Full-Stack Observability experience that delivers innovative new visualizations and capabilities to give engineers unprecedented visibility into their complete estate. With zero configuration required, New Relic Explorer brings together an organization's telemetry data from across applications and infrastructure to provide an essential live view of an entire software system's health and performance.

SMS tax scam unmasked: Bogus but believable – don’t fall for it!
2021-02-12 02:54

Every month of the year has some sort of tax relevance somewhere in the world, and tax scamming cybercrooks take advantage of the many different regional tax filing seasons to customise their criminality to where you live. In the UK, the 2019/2020 tax year ended on 05 April 2020, and the deadline for filing your taxes electronically was 31 January 2021.

WatchGuard Cloud: Delivering simplified security management for MSPs
2021-02-12 02:45

WatchGuard has announced new capabilities that make WatchGuard Cloud the ideal security platform for managed service providers. "Our vision for WatchGuard Cloud has always been to build a powerful, cloud-hosted security platform that directly supports the way MSPs do business and simplifies every aspect of security delivery for our partners," said Andrew Young, senior vice president of product management at WatchGuard.

Enzoic for Active Directory updates help orgs prevent use of compromised credentials
2021-02-12 02:30

The product is the only Active Directory plugin to check credentials at installation and password creation, and continuously monitor for and detect compromised credentials. The automated tool screens passwords against the dynamic Enzoic database containing billions of exposed credentials.

Apple iOS 14.5 will hide Safari users' IP addresses from Google's Safe Browsing
2021-02-12 02:20

Apple's forthcoming iOS 14.5 release, currently in beta, will conceal the IP address of Safari web surfers from Google's Safe Browsing service, integrated into Safari to spot fraudulent websites. That means when Safari users visit a website with Safe Browsing active, their IP addresses will be associated with an Apple domain rather than their internet service provider or corporate network.

Secret Chat in Telegram Left Self-Destructing Media Files On Devices
2021-02-12 02:18

Popular messaging app Telegram fixed a privacy-defeating bug in its macOS app that made it possible to access self-destructing audio and video messages long after they disappeared from secret chats. Unlike Signal or WhatsApp, conversations on Telegram by default are not end-to-end encrypted, unless users explicitly opt to enable a device-specific feature called "Secret chat," which keeps data encrypted even on Telegram servers.

YugabyteDB 2.4 provides default distributed SQL database for cloud-native apps in a multi-cloud world
2021-02-12 02:15

The newest iteration of Yugabyte's open source database improves on the existing high availability, horizontal scalability, and ease-of-use characteristics of YugabyteDB, furthering the company's mission of providing the default distributed SQL database for cloud-native applications in a multi-cloud world. The release of YugabyteDB 2.4 stabilizes the features and capabilities included in the YugabyteDB 2.3 development release.