Security News > 2021

The U.S. Cyber Command conducted more than two dozen operations aimed at thwarting interference in last November's presidential election, the general who leads the Pentagon's cyber force said Thursday. Nakasone's appearance before the committee came as the U.S. deals with major cyber intrusions, including a breach by elite Russian hackers that exploited supply chain vulnerabilities to break into the networks of federal government agencies and private companies.

Cisco this week announced the release of software updates that address several vulnerabilities in Jabber for desktop and mobile platforms, the most severe of which could be abused to execute arbitrary code with elevated privileges. The bugs impact Cisco Jabber for Windows, macOS, and mobile platforms, and are not dependable to one another.

The maintainers of OpenSSL have released a fix for two high-severity security flaws in its software that could be exploited to carry out denial-of-service attacks and bypass certificate verification. While CVE-2021-3449 affects all OpenSSL 1.1.1 versions, CVE-2021-3450 impacts OpenSSL versions 1.1.1h and newer.

The FBI warns that Mamba ransomware attacks have been directed at entities in the public and private sector, including local governments, transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses. Mamba ransomware relies on an open-source software solution named DiskCryptor to encrypt victim computers in the background with a key defined by the attacker.

Magic WAN with Magic Firewall gives customers of all sizes a one-stop-shop to connect and secure data, devices, offices, cloud networks, and more without relying on hardware boxes. Magic WAN is a SaaS solution that connects any traffic source to Cloudflare's global network for secure, fast connectivity, and Magic Firewall integrates with it to enforce security rules across all traffic.

A research from Secure Code Warrior has revealed an attitudinal shift in the software development industry, with organizations bucking traditional practices for DevOps and Secure DevOps. The global survey of professional developers and their managers found 70% of organizations recognize the importance of secure coding practices, with results indicating an industry-wide shift from reaction to prevention is underway.

TransUnion's latest analysis of global online fraud trends found that since the COVID-19 pandemic began, fraudsters are increasing their rate of digital schemes against businesses. A recent study found that more than one in three global consumers have recently been targeted by digital fraud related to COVID-19.

A Mimecast report details how threat actors targeted remote workers during the first year of the pandemic, March 2020 - February 2021. The report describes how attack volume surged by 48% during the first year of the pandemic, with sudden increases in volume corresponding to spikes in COVID-19 infection rates in April and October 2020.

While 2020 was one of the most challenging years for every business, those in financial services and insurance have fared better than most. While 74% of organizations across all sectors have now introduced DevOps, for example, this rises to 81% in financial services and 84% in insurance.

The findings of a Bolster report, along with real life examples, clearly correlate the rise in crypto scams to the value and popularity of cryptocurrencies as well as the increase in individuals seeking financial assistance during the COVID-19 pandemic. With more than 400,000 crypto scams created in 2020, there was a 40 percent increase compared to 2019.