Security News > 2021

Following a takedown operation earlier this month, authorities are taking steps towards cleaning up systems infected with the Emotet malware. Serving as a malware loader, Emotet has been associated with the distribution of well-known malware families, including TrickBot and Ryuk ransomware, among others.

Apple says it will roll out a new privacy control in the spring to prevent iPhone apps from secretly shadowing people. Although Apple didn't provide a specific date, the general timetable disclosed Thursday means a long-awaited feature known as App Tracking Transparency will be part of an iPhone software update likely to arrive in late March or some point in April.

Stack Overflow, the popular Q&A platform for programmers, this week shared technical information on how its systems were breached back in 2019, and it turns out that the hacker often viewed questions posted on Stack Overflow to learn how to conduct various activities on the compromised systems. The security breach was disclosed by Stack Overflow in mid-May 2019, and a few days later it admitted that the incident resulted in the details of some users being exposed.

Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video. The malware repeatedly reopens the Settings screen every eight seconds until the user turns on permissions for accessibility and device usage statistics, thus pressurizing the user into granting the extra privileges.

McAfee announced the general availability of MVISION Extended Detection and Response with inclusion of cloud, and network telemetry, unifying and optimizing threat detection and response beyond endpoints to allow for faster, more proactive investigation cycles, easier, automated response and continued modernization of today's security operations centers. According to Enterprise Strategy Group research, more than 80 percent of organizations are planning increased investment in threat detection and response solutions, affirming the heightened need to safeguard against today's crowded threat landscape.

Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware. Subjects of emails and documents in Emotet campaigns are regularly altered to provide the best chance of luring victims into opening emails and installing malware-regular themes include invoices, shipping notices and information about COVID-19.

announced the election of new officers for its Board of Directors. Elected during the first board meeting of 2021, the officers will serve a one-year term in their positions.

Where did the big vendors and Identity 2.0 players go wrong? It seems they were mostly retrofitting identity and access management tools into IGA workflows. The employee lifecycle is only one of the IGA challenges that Identity 2.0 systems are not well-positioned to address.

It's January 28th 2021, which means Data Privacy Day is upon us once again. It's good that we have this day to draw attention to data protection and have the conversation around privacy, but have you ever stopped to consider who's listening? If today's goal is to empower individuals and encourage businesses to respect privacy, safeguard data and enable trust, this article aims to shine a light on the threat that smart devices might pose to our privacy.

The emergence of the everywhere enterprise has shifted CISO priorities away from combating network security threats and towards mitigating mobile security risks, Ivanti reveals. 87% CISOs surveyed agreed that mobile devices have become the focal point of their cybersecurity strategies, and 80% CISOs stated that passwords are no longer an effective means of protecting enterprise data, as hackers are increasingly targeting remote workers and mobile devices.