Security News > 2021

The FBI deleted web shells installed by criminals on hundreds of Microsoft Exchange servers across the United States, it was revealed on Tuesday. "Although many infected system owners successfully removed the web shells from thousands of computers, others appeared unable to do so, and hundreds of such web shells persisted unmitigated," the Justice Department noted in an announcement.

Despite warnings from the CDC and news media, many vaccinated individuals are putting themselves at risk by posting images of their vaccine cards online, or unknowingly storing unsecure digital images on their devices. Sontiq announced that consumers can gain increased peace of mind and further protection of their sensitive medical files by placing the images into a Secure Identity Vault, which is included as part of Sontiq's identity protection products.

Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with patches for two newly discovered security vulnerabilities for both of which it says exploits exist in the wild, allowing attackers to engage in active exploitation. UPDATE: Agarwal, in an email to The Hacker News, confirmed that there's one more vulnerability affecting Chromium-based browsers that has been patched in the latest version of V8, but has not been included in the Chrome release rolling out today, thereby leaving users potentially vulnerable to attacks even after installing the new update.

Aruba, a Hewlett Packard Enterprise company announced an expansive set of cross-portfolio edge-to-cloud security integrations for Aruba ESP. The new advancements include the integration of the ClearPass Policy Manager secure network access control platform with the Aruba EdgeConnect SD-WAN edge platform, formerly Silver Peak, the integration of Aruba Threat Defense with the EdgeConnect platform, and the expansion of the Aruba ESP multivendor security partner ecosystem, providing enterprise customers with the freedom to deploy, cloud-delivered secure access service edge security components of their choice. Since IoT devices are agentless, IT departments cannot install security clients or redirect device traffic to cloud security services; therefore, zero trust security must be applied at the WAN edge.

More than 100,000 web pages hosted by Google Sites are being used to trick netizens into opening business documents booby-trapped with a remote-access trojan that takes over victims' PCs and hands control to miscreants. Infosec outfit eSentire on Tuesday said it has noted a wave of so-called search redirection shenanigans, in which people Googling for business forms and the like are shown links to web pages published via Google Sites - a Google-hosted web service - that offer a download of whatever materials they were looking for.

TOYO announces NetEyez, a new network monitoring solution that visualizes entire networks including end-to-end communication using an intuitive and simple to use interface. NetEyez empowers network engineers to perform effective network monitoring.

TP-Link introduced three new Multi-Gigabit switches for business customers. As an expansion to the TP-Link Omada business product line, the new switches enhance network setups for business and provide upgrade options for prosumers in need of an ultra-fast connection.

A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners. On March 2nd, Microsoft released a series of Microsoft Exchange security updates for vulnerabilities actively exploited by a hacking group known as HAFNIUM. These vulnerabilities are collectively known as ProxyLogon and were used by threat actors in January and February to install web shells on compromised Exchange servers.

Threat Stack announced its ability to support AWS Graviton2-based instances through the Threat Stack Cloud Security Platform. The rapid adoption of AWS Graviton2 workloads presents a challenge for security leaders as many of today's legacy tools do not support it.

Entrust has announced its HyTrust CloudControl solution - now an Entrust business - now supports VMware Cloud Foundation, enabling unified security and compliance controls across the platform, lowering operational overhead and facilitating workload agility. As the hybrid cloud platform for managing virtual machines and orchestrating containers, VMware Cloud Foundation provides a single architecture for consistent, secure infrastructure and operations across private and public clouds.