Security News > 2021

SecurityWeek today announced its official lineup of virtual cybersecurity events for the remainder of 2021. SecurityWeek's Security Summits series is designed to allow participants from around the globe to immerse themselves in a virtual environment to discuss the latest cybersecurity threats and challenges facing enterprise organizations.

After members of Congress criticized as "Disorganized" the U.S. response to a massive breach of government departments and private corporations discovered late last year, the White House announced Wednesday that a senior national security official had been leading the effort since the first day of the Biden administration. Anne Neuberger, the deputy national security adviser for cyber and emergency technology, was in charge of remediating the hack, identifying issues with the federal government's response and launching a study aimed at preventing similar incidents, the White House said.

Siemens this week released nine new security advisories describing vulnerabilities affecting the company's products. These products are made by Siemens Digital Industries Software, which specializes in product lifecycle management solutions.

Australian users are, for example, at a higher risk of being targeted that U.S.-based users, and older people are more likely to be targeted than youngsters. The researchers have analyzed over 1.2 billion email-based phishing and malware attacks against Gmail users and have singled out some interesting findings.

Researchers have uncovered two novel Android surveillanceware families being used by an advanced persistent threat group to target military, nuclear and election entities in Pakistan and Kashmir. The two malware families, which researchers call "Hornbill" and "SunBird," have sophisticated capabilities to exfiltrate SMS messages, encrypted messaging app content and geolocation, as well as other types of sensitive information.

TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. Last week, both cybersecurity firm Intezer and Advanced Intel's Vitali Kremez analyzed a new sample of BazarBackdoor and discovered that the TrickBot gang ported it to the Nim programming language.

Hands On. Google has big ambitions for its new Open Source Vulnerabilities database, but getting started requires a Google Cloud Platform account and there are other obstacles that may add friction to adoption. The company wants to see more discipline and checks in critical open-source software, and revealed that it maintains its own private repositories for many projects to guard against compromised code or newly committed vulnerabilities.

The number of offers for network access and their median prices on the public posts on hacker forums dropped in the final quarter of last year but the statistics fail to reflect the real size of the initial access market. According to the company, over 240 offers to sell initial network access occurred in public conversations on three underground forums.

The number of offers for network access and their median prices on the public posts on hacker forums dropped in the final quarter of last year but the statistics fail to reflect the real size of the initial access market. According to the company, over 240 offers to sell initial network access occurred in public conversations on three underground forums.

Police have arrested 10 people in the U.K., Belgium and Malta for allegedly hijacking mobile phones belonging to U.S. celebrities including internet influencers, sports stars and musicians to steal personal information and millions in cryptocurrency, authorities said. The European Union police agency Europol said Wednesday that the gang is believed to have stolen more than $100 million in cryptocurrencies by using so-called SIM swap attacks.