Security News > 2021

Tom Merritt lists five things you need to know about multi-factor authentication. You need to know about multi-factor authentication, or as a lot of other folks call it two-factor authentication.

MFA can help make your organization more secure. Tom Merritt lists five things you need to know about multi-factor authentication.

The recently observed assaults haven't reached the magnitude of the largest DDoS attacks the company has mitigated to date, which have peaked at 1.35 Tbps in 2018 and at 1.44 Tbps in 2020, but three of them are among the six biggest volumetric DDoS attacks Akamai has ever encountered. Akamai says the increased number of bigger volumetric DDoS attacks is the new norm.

Intel is being sued under a Florida state wiretapping law for using software on its website to capture keystrokes and mouse movements of people that visit it. A class-action suit in the Circuit Court of the Fifth Judicial Circuit In and For Lake County, Florida, alleges that the tech giant unlawfully intercepted communications without user consent because of its use of analytics technology on its website.

Several industry professionals have shared thoughts on why we are seeing a surge in cybersecurity unicorns. Private market data provider PitchBook told SecurityWeek that a record was set in the first quarter of 2021, with 12 cybersecurity unicorns created globally, which is more than double the previous quarterly high.

Recent Linux kernel updates include patches for a couple of vulnerabilities that could allow an attacker to bypass mitigations designed to protect devices against Spectre attacks. Symantec reported on Monday that Piotr Krysiuk, a member of its Threat Hunter team, has identified two new vulnerabilities in the Linux kernel that can be exploited to bypass mitigations for the Spectre vulnerabilities.

The Harris Federation, a not-for-profit charity responsible for running 50 primary and secondary academies in London and Essex, has become the latest UK education body to fall victim to ransomware. In a message to pupils and parents, the group, which is led and run by teachers, admitted that criminals had meddled with its servers.

Available at millions of global online businesses and continuing to expand over the coming months, PayPal customers with cryptocurrency holdings in the U.S. will be able to choose to check out with crypto seamlessly within PayPal at checkout. "As the use of digital payments and digital currencies accelerates, the introduction of Checkout with Crypto continues our focus on driving mainstream adoption of cryptocurrencies, while continuing to offer PayPal customers choice and flexibility in the ways they can pay using the PayPal wallet," said Dan Schulman, president and CEO, PayPal.

Malicious commits were made to the php-src repo on Sunday that could have enabled hackers to perform remote code execution on websites running the hijacked code. The main Git repository for the PHP programming language has been moved to GitHub after hackers tried to insert a backdoor into the source code.

The recently patched vulnerabilities in Microsoft Exchange have sparked new interest among cybercriminals, who increased the volume of attacks focusing on this particular vector. While ransomware attacks have increased in frequency in the past six months, cybersecurity company Check Point last week noticed a surge in incidents targeting Microsoft Exchange servers vulnerable to the so-called ProxyLogon critical bugs.