Security News > 2021

We delve into Google's tight-lipped Chrome bugfix, explain how a Belgian researcher awarded himself 111,848 cups of coffee, and discuss the audacious but thankfully temporary theft of the Perl.com domain. WHERE TO FIND THE PODCAST ONLINE. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher, Overcast and anywhere that good podcasts are found.

Microsoft has released an emergency KB5001028 out-of-band update to fix a bug causing Windows 10 to crash when connecting to WPA3 Wi-Fi networks. According to a new support issue posted to Microsoft's Windows Message Center, the bug was introduced in the recent Windows 10 1909 cumulative updates.

Microsoft has released an emergency KB5001028 out-of-band update to fix a bug causing Windows 10 to crash when connecting to WPA3 Wi-Fi networks. According to a new support issue posted to Microsoft's Windows Message Center, the bug was introduced in the recent Windows 10 1909 cumulative updates.

Microsoft says that the number of monthly web shell attacks has almost doubled since last year, with an average of 140,000 such malicious tools being found on compromised servers every month. They can be deployed in a large variety of forms, from app plugins and PHP or ASP code snippets injected within web apps to programs designed to provide web shell features and Perl, Python, Ruby, and Unix shell scripts.

SecurityWeek will host its 2021 Supply Chain Security Summit as a virtual event on March 10, 2021. In the wake of the SolarWinds mega-hack that continues to unravel, software supply chain security and fragility is again on the front-burner for enterprise security decision makers.

Singtel and the QIMR Berghofer Medical Research Institute are the latest companies to disclose data breaches caused by a vulnerability in the Accellion FTA secure file transfer software. As Accellion FTA service is used by numerous government agencies, educational institutions, and companies, we have begun to see a wide-scale impact as companies report related data breaches.

One way to avoid that is using a tool like HashiCorp's Vault, which is a command line tool for managing secrets. Vault provides an API that gives access to secrets based on policies, and encrypts data using 256-bit AES with GCM. I want to show you how to install and get started with Vault.

Critical and high severity vulnerabilities in the Responsive Menu WordPress plugin exposed over 100,000 sites to takeover attacks as discovered by Wordfence. Responsive Menu is a WordPress plugin designed to help admins create W3C compliant and mobile-ready responsible site menus.

"The attacks orchestrated by this criminal gang targeted thousands of victims throughout 2020, including famous internet influencers, sport stars, musicians and their families," according to an alert from the organization. In a typical SIM-swapping attack, attackers use stolen, sleuthed or phished personal information - including, crucially, a person's mobile phone number - to impersonate a target.

Autonomous vehicle security solutions provider AUTOCRYPT this week announced that it raised another $13 million in its Series A funding round, which brings the total secured in this round to roughly $15 million. The Seoul, South Korea-based firm aims to improve the safety of transportation through securing all of the connections a vehicle makes.