Security News > 2021
Experts have long worried about the security risks associated with the widespread use of APIs, with Gartner writing in a report that by 2022, API abuse will become the most common attack seen by security teams. Salt Security's "The State of API Security - Q1 2021" confirms many of those fears, finding that of the nearly 200 enterprise security officials surveyed, 91% experienced an API security incident last year.
Apple pushed out an iOS update in something of a hurry to shut down a serious 0-day bug. The GnuPG team scrambled to fix an ironic vulnerability that could be exploited during the very process of checking if the data you just received could be trusted.
An Internet Explorer zero-day vulnerability has been discovered in use in recent North Korean attacks against security and vulnerability researchers. Last month, Google disclosed that the North Korean state-sponsored hacking group known as Lazarus was conducting social engineering attacks against security researchers.
The hacking group referred to as TeamTNT has been employing a new piece of malware in a recently started campaign targeting Kubernetes environments, security researchers with Palo Alto Networks' Unit 42 reveal. During the summer of 2020, TeamTNT was targeting Docker and Kubernetes systems with a crypto-mining worm capable of stealing local credentials, including Amazon Web Services login details.
Cisco is rolling out fixes for critical holes in its lineup of small-business VPN routers. The flaws exist in the web-based management interface of Cisco's small-business lineup of VPN routers.
A phishing campaign bent on stealing Microsoft login credentials is using Google Firebase to bypass email security measures in Microsoft Office 365, researchers said. Clicking the thumbnail or "View File" link leads to the final phishing page, which asks victims to log in with their Microsoft credentials and to provide alternate email addresses or phone numbers - an effort to collect data that could be used to get around two-factor authentication or account recovery mechanisms.
Plex Media Server systems are actively being abused by DDoS-for-hire services as a UDP reflection/amplification vector in Distributed Denial of Service attacks. "We've seen its use as far back as November when activity ramped up, but most of the time, we see its use is in multi-vector attacks rather than as a primary vector, which can result in some uncertainty in finding an exact day it began to be used," Hummel said when asked about the first time PMSSDP was observed as a DDoS attack amplification vector.
Stormshield, a wholly-owned subsidiary of France-based cybersecurity company Airbus CyberSecurity, has disclosed a data breach that resulted in source code and customer information getting compromised. Stormshield provides network security, endpoint security and data security solutions.
Simply put, Vanhoof took advantage of the fact that many older Nespresso setups rely on what's known as a stored-value wireless payment card, something that's similar to but importantly different from a modern credit card. Wireless in this case means that the card uses NFC, short for Near Field Communication, the same underlying technology that's used by credit cards, many modern door security cards and almost all passports issued in the past 10 years.
A lack of security training for educators and budget limitations are two reasons schools are susceptible to cyberattack, says IBM Security. If you're at a smaller organization, such as a school, with a tiny budget and limited security training, combating cyberattacks is all the more difficult.