Security News > 2021
Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution. The exploit acquisition platform is now enticing exploit developers and sellers with a $300,000 payout, three times more than the regular price.
Personal data from more than 500 million LinkedIn users has been posted for sale online in yet another incident of threat actors scraping data from public profiles and slinging it online for potential cybercriminal misuse. Hackers posted an archive containing data they said includes LinkedIn IDs, full names, professional titles, email addresses, phone numbers and other personally identifiable information on a popular hacker forum, according to a report in CyberNews on Tuesday.
A new video released by Elon Musk's Neuralink shows a monkey playing Pong using its mind and embedded brain-human interface. These signals can then be used to train Neuralink to perform actions with machinery or other implanted devices so that the person's mind controls them.
Pwn2Own 2021 ended with contestants earning a record $1,210,000 for exploits and exploits chains demoed over the course of three days. The total prize pool for Pwn2Own 2021 was over $1,500,000 in cash and included a Tesla Model 3.
Unknown hackers attempted to add a backdoor to the PHP source code. It was two malicious commits, with the subject "Fix typo" and the names of known PHP developers and maintainers.
Tines, an Ireland-based company that provides no-code automation solutions for security and operations teams, on Thursday announced that it has raised $26 million in a Series B funding round, at a valuation of $300 million. The Series B round, which brings the total raised by Tines to $41 million, was led by investment firm Addition.
South Korean tech giant LG this week announced that it will continue to provide operating system updates to users of its premium Android smartphones, for up to three years. On Thursday, the company announced that it will continue to provide platform updates for all premium LG smartphones that are currently in use.
The Pwn2Own 2021 hacking competition has come to an end, with participants earning more than $1.2 million - more than ever paid out at the event - for exploits in the browser, virtualization, server, local privilege escalation, and enterprise communications categories. The highest rewards were paid out to team Devcore for an Exchange server exploit, a researcher named OV for a Microsoft Teams exploit, and Daan Keuper and Thijs Alkemade from Computest for a zero-click Zoom exploit.
Microsoft has open-sourced software that pits machine-learning-powered network intruders against automated defenders inside virtual networks. The tech, dubbed CyberBattleSim by its creators at the Microsoft 365 Defender research team, is a Python-based OpenAI Gym affair, and sets up pretend networks loaded with vulnerabilities and other weaknesses.
Microsoft has open-sourced software that pits machine-learning-powered network intruders against automated defenders inside virtual networks. The tech, dubbed CyberBattleSim by its creators at the Microsoft 365 Defender research team, is a Python-based OpenAI Gym affair, and sets up pretend networks loaded with vulnerabilities and other weaknesses.