Security News > 2021

Training for a lucrative tech career is easier and less expensive than you might think. Check out these online courses on programming, cybersecurity, project management and more.

Less than a week before the Christmas holiday, French IT services company Inetum Group was hit by a ransomware attack that had a limited impact on the business and its customers. Inetum is active in more than 26 countries, providing digital services to companies in various sectors: aerospace and defense, banking, automotive, energy and utilities, healthcare, insurance, retail, public sector, transportation, telecom and media.

The actors have set up a page that looks very close to Android's official Google Play app store to trick visitors into thinking they are installing the app from a trustworthy service. The malware pretends to be the official banking app for Itaú Unibanco and features the same icon as the legitimate app.

Blackmagic Software has recently addressed two security vulnerabilities in the highly popular DaVinci Resolve software that would allow attackers to gain code execution on unpatched systems. As its developer Blackmagic claims, DaVinci Resolve is "Hollywood's most popular solution for editing" for Mac, Windows, and Linux.

The latest example is a phishing campaign that taunts victims with a COVID-19 funeral assistance helpline number. Dridex is banking malware distributed through phishing emails containing malicious Word or Excel attachments.

Microsoft has revealed a vulnerability in its Azure App Service for Linux allowed the download of files that users almost certainly did not intend to be made public. Microsoft bills the Azure App Service as just the thing if you want to "Quickly and easily create enterprise-ready web and mobile apps for any platform or device, and deploy them on a scalable and reliable cloud infrastructure."

Kasada released new data on the latest fraud and malicious automation trends, revealing increased threats during the holidays; rising attacks by bots; and the discovery of a new amped up All in One Grinch Bot that is being used extensively during hype drop sales. Majority of Black Friday bad bots come from the USA, followed by Australia and the UK. "As we approach 2022, the frequency and severity of bad bots continue to threaten online businesses," said Sam Crowther, CEO, Kasada.

Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "Trivially and reliably" bypass a "Myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday.

From social media-influenced sales and app-based mobile purchases to cloud migration, the retail industry is shaped by the purchasing behavior of its customers. All of this data is stored on the cloud, and 77 percent of retailers acknowledge cloud security is a major challenge, making it the number one strategic challenge in the retail industry this year - up from number 14 in 2020.

Okera revealed its top industry predictions and trends expected to emerge in data privacy and governance for 2022 according to the company's CEO, Nick Halsey; CTO, Nong Li; and Okera Advisory Board member and recent Gartner VP analyst, Sanjeev Mohan. Anxiety about the proliferation of data privacy regulations - around the world and within U.S. states - will ratchet up in 2022.