Security News > 2021

Myanmar’s new military government bans Facebook
2021-02-04 00:24

The new self-appointed military government of Myanmar has temporarily banned Facebook. Newswire Reuters' Myanmar reporter Hnin Zaw posted a notice from Myanmar's Ministry of Transport and Communications that imposed a ban until February 7th. Using optical character recognition and online translation tools, The Register surmises that the order says the ban is needed to stop the spread of fake news.

SecurityAdvisor raises $7.3M to support product development and drive market awareness
2021-02-04 00:00

The Company's patented platform integrates easily within existing security infrastructure to deliver targeted coaching that teaches employees how to identify and remediate cyberattacks while providing security teams with insights that help them better understand the human element of their organization's security posture. SecurityAdvisor's deep integrations with leading cybersecurity vendors, including CrowdStrike, provide visibility across the entire organization for security teams and quantify security teams' ROI. SecurityAdvisor will use the capital to support product development and drive market awareness of its innovative offering amongst enterprise security leaders.

Marianne Budnik joins CrowdStrike as CMO
2021-02-03 23:45

CrowdStrike announced the appointment of Marianne Budnik as the company's new chief marketing officer. Budnik most recently served as CMO for CyberArk and currently serves on the board of directors of Cerence.

AlertEnterprise appoints Mark Weatherford as Chief Information Security Officer
2021-02-03 23:30

AlertEnterprise announced the appointment of Mark Weatherford as Chief Information Security Officer. In the CISO position, Weatherford will guide strategic aspects of data management and protection, advising on cyber-physical security policies and procedures within AlertEnterprise.

New Fonix ransomware decryptor can recover victim's files for free
2021-02-03 22:55

Kaspersky has released a decryptor for the Fonix Ransomware that allows victims to recover their encrypted files for free. The good news is that if you have been infected with the Fonix Ransomware, you can now decrypt your files for free using an updated version of Kaspersky's RakhniDecryptor.

Emotet’s Takedown: Have We Seen the Last of the Malware?
2021-02-03 21:37

Sherrod DeGrippo, senior director of threat research and detection with Proofpoint, shares insights on the global law enforcement and private-sector takedown of major cybercrime tools such as Emotet. Last fall, agencies targeted TrickBot's infrastructure to disrupt the prolific malware, and last week, they took down servers supporting the Emotet malware.

More patches for SolarWinds Orion after researchers find flaw allowing low-priv users to execute code, among others
2021-02-03 21:25

As if that supply chain attack wasn't bad enough, SolarWinds has had to patch its Orion software again after eagle-eyed researchers discovered fresh vulnerabilities - including one that can be exploited to achieve remote code execution. Ziv Mador, security research veep at Trustwave, the firm that found the flaws, told The Register: "It's very severe, not only because of the ability to run unauthorized code on the Orion platform, but also because anyone on the network, not even someone that has [no] access to that server, can do that."

Second SolarWinds Attack Group Breaks into USDA Payroll — Report
2021-02-03 21:22

There had been hints that a second group of malicious actors may have exploited a SolarWinds bug to install the Supernova backdoor - notably, there was a conclusion by Microsoft back in December that this was the case. That original effort used trojanized software updates for the SolarWinds Orion network-management platform to disseminate the Sunburst malware to SolarWinds customers in a supply-chain attack.

New Malware Hijacks Kubernetes Clusters to Mine Monero
2021-02-03 20:50

Researchers have discovered never-before-seen malware, dubbed Hildegard, that is being used by the TeamTNT threat group to target Kubernetes clusters. Eventually, they warn, TeamTNT may launch a larger-scale cryptojacking attack via Kubernetes environments or steal data from applications running in Kubernetes clusters.

SonicWall fixes actively exploited SMA 100 zero-day vulnerability
2021-02-03 20:28

SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances. On January 22nd, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in the SMA 100 series of SonicWall networking devices.