Security News > 2021

"I think the stars are better aligned than ever in the past," Keith Enright, Google's chief data privacy office, told a discussion Tuesday on trust and privacy. The European Union's General Data Protection Regulation, which has applied since May 2018, has largely contributed to making consumers aware of the issues related to the data that they submit to large digital platforms on a daily basis.

Hackers have started leaking documents related to COVID-19 medicine and vaccines that were stolen from the European Medicines Agency in early December 2020. While EMA did not provide information on the affected third-parties, Pfizer and BioNTech at the time published a joint statement to reveal that the incident resulted in hackers accessing "Some documents relating to the regulatory submission for Pfizer and BioNTech's COVID-19 vaccine candidate, BNT162b2."

Think of physical access, badge access, wireless access, you know, all these sorts of building access type things that you can use to say, okay, who was in the building at what time, who has been exposed, these are demands that we're seeing the market asked for that CISOs are having to bear the burden for. So there's all sorts of new demand on the CISO. So there's possible litigation at the feet of employers, if they go back, and they're sort of needed outcome around exposure notification, and this sort of vaccination status, a wallet need and where that goes, I don't know.

Someone has set up a website named SolarLeaks where they are offering to sell gigabytes of files allegedly obtained as a result of the recently disclosed SolarWinds breach. The SolarLeaks website offers source code allegedly obtained from Microsoft, Cisco, SolarWinds and FireEye.

WhatsApp on Tuesday reassured users about privacy at the Facebook-owned messaging service as people flocked to rivals Telegram and Signal following a tweak to its terms. WhatsApp's new terms sparked criticism, as users outside Europe who do not accept the new conditions before February 8 will be cut off from the messaging app.

A recently discovered Mobile Remote Access Trojan can take control of the infected Android devices and exfiltrate a trove of user data, Check Point security researchers warn. Dubbed Rogue, the Trojan is the work of Triangulum and HeXaGoN Dev, known Android malware authors that have been selling their malicious products on underground markets for several years.

Microsoft has resolved a known issue that caused the Windows 10 "Reset this PC" feature to fail in some cases, on both client and server platforms. The 'Reset this PC' feature allows Windows 10 customers to reinstall the operating system using either a local recovery image or the latest Windows 10 version available on Microsoft's servers.

I was floored on Wednesday when, glued to my television, I saw police in some areas of the U.S. Capitol using little more than those same mobile gates I had the ones that look like bike racks that can hook together to try to keep the crowds away from sensitive areas and, later, push back people intent on accessing the grounds. That's the same equipment and approximately the same amount of force I was able to use when a group of fans got a little feisty and tried to get backstage at a Vanilla Ice show.

Email security company Mimecast on Tuesday revealed that a sophisticated threat actor had obtained a certificate provided to certain customers. According to Mimecast, it learned from Microsoft that hackers had compromised a certificate used to authenticate Mimecast Continuity Monitor, Internal Email Protect, and Sync and Recover products with Microsoft 365 Exchange Web Services.

Risk management is more than recovery from a cyberattack. Another equally important function of risk management is that it can be considered a proactive methodology used to identify risks in an organization's cybersecurity framework.