Security News > 2021

These installers-such as Python Package Index for Python or npm and the npm registry for Node-are usually tied to public code repositories where anyone can freely upload code packages for others to use, Birsan noted. Birsan decided to answer this question last summer while attempting to hack PayPal with another ethical hacker, Justin Gardner, who shared with him "An interesting bit of Node.js source code found on GitHub," Birsan said.

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Based on the company's data, among last year's top earners, there were groups like Ryuk, Maze, Doppelpaymer, Netwalker, Conti, and REvil.

Messaging apps such as Messenger or WhatsApp and video calls on Zoom face stricter privacy rules in Europe, after a draft law passed a key EU hurdle on Wednesday. The EU's 27 member states approved a proposal that was stuck since 2017, with countries split between those wanting strict privacy online and others wanting to give leeway to law enforcement and advertisers.

CloudLinux has added the Raspberry Pi to its KernelCare patching service, although only if you're running Ubuntu. The arrival of the service is a recognition of the diminutive computer's presence in the IoT world, where implementations tend to be more on the appliance side and ongoing security updates are not always applied.

Intel on Tuesday announced the release of updates that patch tens of vulnerabilities across many of the company's software and hardware products. The chipmaker's Patch Tuesday updates for February 2021 were described in 19 advisories, including four that cover high-severity vulnerabilities.

Healthcare data breaches went up 36% in the second half of 2020, according to a new analysis from CI Security. In the second half of the year, more than 21.3 million records were breached, an increase of 177% from nearly 7.7 million records breached in the first half of 2020.

While it's logical to assume seniors would be primary targets, a new report revealed that millennials were actually the most targeted demographic group of the more than 50 billion spam calls made in 2020. The increase in calls has enabled scammers to go ham on the unsuspecting, as they steal money and damage trust.

Two severe vulnerabilities in the NextGEN Gallery WordPress plugin could have exposed more than 800,000 websites to complete takeover, WordPress security company Defiant reported on Monday. Available for more than a decade, the plugin provides users with a broad range of gallery management capabilities, such as batch upload of photos, metadata import, thumbnail editing, photo and gallery management, and more.

Kind old Google has published data on targeted email attacks and dispensed advice to help users separate friend from foe. The pandemic has presented malware-laden email flingers with a world of opportunity and a whole new set of attack vectors.

Positive Technologies' experts have analyzed the ten most active forums on the dark web, which offer services for hacking websites, buying and selling databases, and accessing web resources. The research discovered that in 90% of cases, users of dark web forums will search for hackers who can provide them with access to a particular resource or who can download a user database.