Security News > 2021

Cofense acquires Cyberfish to eliminate the need for legacy email security solutions
2021-04-07 22:30

By integrating innovative machine learning capabilities from Cyberfish with Cofense's detection and response technology, Cofense will bring to market a holistic, advanced automation solution for email protection, detection, and response. With the acceleration of digital transformation and migration to cloud email services from Microsoft 365 and Google Workspace, organizations are rethinking their email security architecture and technology stack.

Venafi surpasses $100M in annual recurring revenue
2021-04-07 22:20

Venafi is uniquely positioned to capitalize on the rapid growth of machine identity management within security markets, and to that end, the company has appointed Sandeep Singh Kohli as chief marketing officer. "We invented machine identity management, and the market is growing incredibly fast," said Jeff Hudson, CEO of Venafi.

Christy Lynch joins deepwatch as CMO
2021-04-07 22:10

Deepwatch announced the appointment of Christy Lynch as chief marketing officer. Lynch will report to deepwatch CEO Charlie Thomas, and be responsible for the structure, strategy and execution of all aspects of deepwatch's marketing efforts to broaden market awareness and drive demand for the company's cloud-based security operations platform.

VISA: Hackers increasingly using web shells to steal credit cards
2021-04-07 21:18

Global payments processor VISA warns that threat actors are increasingly deploying web shells on compromised servers to exfiltrate credit card information stolen from online store customers. Throughout the last year, VISA has seen a growing trend of web shells being used to inject JavaScript-based scripts known as credit card skimmers into hacked online stores in web skimming attacks.

Attackers Blowing Up Discord, Slack with Malware
2021-04-07 20:50

Workflow and collaboration tools like Slack and Discord have been infiltrated by threat actors, who are abusing their legitimate functions to evade security and deliver info-stealers, remote-access trojans and other malware. The researchers saw this behavior across malware, adding that one Discord CDN search turned up almost 20,000 results in VirusTotal.

Pre-Installed Malware Dropper Found On German Gigaset Android Phones
2021-04-07 20:24

In what appears to be a fresh twist in Android malware, users of Gigaset mobile devices are encountering unwanted apps that are being downloaded and installed through a pre-installed system update app. "The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui, which is a pre-installed system app," Malwarebytes researcher Nathan Collier said.

Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update
2021-04-07 20:11

Android smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack. The Trojan, once downloaded and installed on a victim's device via a poisoned software update from the vendor, is capable of opening browser windows, fetching more malicious apps, and sending people text messages to further spread the malware, say researchers and users.

REvil ransomware now changes password to auto-login in Safe Mode
2021-04-07 20:06

A recent change to the REvil ransomware allows the threat actors to automate file encryption via Safe Mode after changing Windows passwords. In March, we reported on a new Windows Safe Mode encryption mode added to the REvil/Sodinokibi ransomware.

2021 Brings new security challenges and regulations for European CISOs
2021-04-07 20:05

European CISOs are shifting how they spend on security in response to the COVID-19 pandemic and are having to adapt to a raft of new proposed EU cyber regulations. Forrester has recently explored three security topics: that of European cyber regulations, European CISO budgetary trends in 2021, and finally the career paths of CISOs at major UK FTSE 100 organizations.

Cisco fixes bug allowing remote code execution with root privileges
2021-04-07 19:38

Cisco has released security updates to address a critical pre-authentication remote code execution vulnerability affecting SD-WAN vManage Software's remote management component. The company fixed two other high-severity security vulnerabilities in the user management and system file transfer functions of the same product allowing attackers to escalate privileges.