Security News > 2021
In a letter to the United States House Committee on Appropriations, two members of the Cyberspace Solarium Commission are asking for an increase in funding for the Cybersecurity and Infrastructure Security Agency in fiscal year 2022. Representatives Jim Langevin and Mike Gallagher are pressing for an allocation increase of at least $400 million to the Homeland Security Subcommittee, to support CISA's budget, arguing that the funding is necessary to ensure timely implementation of "key authorities Congress just passed to strengthen CISA."
Threat actors are impersonating Chase Bank in two phishing attacks that can slip past Microsoft Exchange security protections, spoofing real-life customer scenarios in an attempt to steal credentials from victims. "These email attacks employed a gamut of techniques to get past traditional email security filters and pass the eye tests of unsuspecting end users," Kumar wrote.
Navy SEAL platoons are beefing up capabilities in cyber and electronic warfare and unmanned systems, honing their skills to collect intelligence. Ten years after they found and killed Osama bin Laden, U.S. Navy SEALs are undergoing a major transition to improve leadership and expand their commando capabilities to better battle threats from global powers like China and Russia.
The phishing emails use a Microsoft logo within an HTML table, which is not analyzed by security programs, says Inky. In a recent campaign discovered by email security provider Inky, attackers impersonating Microsoft are using a devious method to spoof the software giant's latest logo.
A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia. Naikon is likely a state-sponsored threat actor tied to China, mostly known for focusing its efforts on high-profile orgs, including government entities and military orgs.
DevSecOps company Sysdig on Wednesday announced that it has become a "unicorn" after raising $188 million in a Series F funding round at a valuation of $1.19 billion. The latest funding round, which brings the total raised by the company to $394 million, was led by Premji Invest & Associates and Third Point Ventures, with participation from Accel, Bain Capital Ventures, DFJ Growth, Glynn Capital, Goldman Sachs, Insight Partners, and Next47.
Palo Alto Networks has announced a series of updates coming to its Prisma Cloud platform that the company said automatically protects cloud-hosted virtual machines and can "increase automation and detection, simplify compliance checks and deepen visibility into malware threats for containers and hosts." Prisma Cloud is a cloud-native security platform designed to protect cloud infrastructure and cloud-native applications. Palo Alto Networks Prisma Cloud SVP for product Varun Badhwar described the new features as a way to help businesses streamline and automate the security of their cloud-native products.
There are methods of checking whether passwords are on the dark web and consequently at risk of being used in credential stuffing; but this generally requires giving the user details to another company. A new service from HackNotice solves this problem: Dark Hash Collisions.
A widespread disinformation campaign dubbed Ghostwriter is believed to be the work of a state-sponsored cyber-espionage group, cybersecurity firm FireEye reported on Wednesday. Between October 2020 and January 2021, FireEye's researchers identified five new Ghostwriter operations conducted in both Polish and English, but which were not aligned with previous activity that relied on compromised websites, spoofed emails, fake personas, and NATO-themed content.
An update released this week by Google for Chrome 90 patches yet another serious vulnerability affecting the V8 JavaScript engine used by the web browser. Liu told SecurityWeek that the flaw can be exploited for remote code execution in the targeted user's browser, but noted that, similar to other recently disclosed V8 vulnerabilities, it does not escape the Chrome sandbox - a sandbox escape bug is needed to exploit CVE-2021-21227 in real-world attacks.