Security News > 2021

By distributing malware-ridden laptops to the most vulnerable and needy schoolkids, the Department for Education is guilty of an astonishing breach of responsibility. It turns out that "We want to run our software on your kids phones and teach them cybersecurity through surprising stuff" is a fun thing to say to educators, governments, and funding bodies.

CISOs of organizations that have been hit by the attackers are now mulling over how to make sure that they've eradicated the attackers' presence from their networks, and those with very little risk tolerance may decide to "Burn down" their network and rebuild it. Whichever decision they end up making, Touhill believes that implementing a zero trust security model across their enterprise is essential to better protect their data, their reputation, and their mission against all types of attackers.

To select a suitable data encryption solution for your business, you need to think about a variety of factors. Selecting a data encryption solution for your business should follow the same principles used for assessing any technology before deploying it within your organization: usability, scalability, cross-platform, adaptability and compliance.

The fourth vulnerability was quite interesting, since it re-appeared at the start of the pandemic when Zoom was under increased usage. Two years later I received a message saying the vulnerability had been fixed, and could I spend my free time checking whether the fix was good?

More than 95% of respondents indicated that business operations has become a more important function in their organization in the past year, a Tonkean survey reveals. The survey of 500 IT and business operations professionals at large and mid-sized companies also showed growing frustrations with the status quo of resources and tools to perform operations work.

The Secure Content Management market is expected to achieve an 11.4% compound annual growth rate to reach $2.2 billion in total web and email security revenues by 2024, according to Frost & Sullivan. Threats include more advanced and sophisticated targeted phishing emails, business email compromises, and malicious content.

Over the years, penetration testing has had to change and adapt alongside the IT environments and technology that need to be assessed. We can see whether the effects that recent trends have on pen testing are long term, or simply a temporary shift, and how they affect the continuing evolution of penetration testing.

The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access that are used to provide users with remote access to internal resources. "Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products," the company exclusively told The Hacker News.

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.

Another ransomware gang is now using DDoS attacks to force a victim to contact them and negotiate a ransom. In October 2020, we reported that ransomware gangs were beginning to utilize DDoS attacks against a victims' network or web site as an extra tool to force them to pay a ransom.