Security News > 2021

Slack has enabled a new 'Slack Connect' feature that allows users to send messages or create shared channels with people outside of their organization. While users had previously been able to test the Slack Connect feature, it has begun to roll out to all paid workspaces today.

Forced to quickly transition employees to a work-from-home setup, employers were often ensnared by the security risks of a remote workforce. Security information site Cybersecurity Insiders describes the security challenges of working remotely and offers tips on how organizations can surmount them.

UK-based industrial automation company Ovarro recently patched a series of vulnerabilities in its TBox remote terminal units. Ovarro's TBox RTUs are described by the vendor as a remote telemetry solution for remote automation and monitoring of critical assets.

A malware that has historically targeted exposed Windows machines through phishing and exploit kits has been retooled to add new "Worm" capabilities. Purple Fox, which first appeared in 2018, is an active malware campaign that until recently required user interaction or some kind of third-party tool to infect Windows machines.

Ever since the first dark web monitoring services became available, around 2005, consumers of such services often asked - why aren't these websites being taken down? After all, the sites that comprise the dark web are platforms and tools for illegal activities. There is a case to be made for adopting the other strategy - disrupt the dark web as much as possible - and it seems that unlike the early days of dark web monitoring, it is not one that is discussed at all.

Commercial insurer CNA on Tuesday announced that it was recently targeted in what it described as a sophisticated cyberattack. In a March 23 announcement, the company revealed that, over the weekend, it fell victim to a cyberattack that impacted certain systems, and which resulted in network disruptions.

British clothes retailer Fatface has infuriated some customers by telling them "An unauthorised third party" gained access to systems holding their data earlier this year, and then asking them to keep news of the blunder to themselves. Several people wrote into The Register to let us know about the personal data leak, with reader Terry saying: "You will notice the Fatface email is marked as confidential. This annoyed me."

Cloudflare announced Cloudflare Data Loss Prevention, a network-wide data loss prevention solution that protects all traffic routed through Cloudflare's global network from data loss and help businesses protect all of their information. Cloudflare DLP will sit between the corporate network and any applications employees use, to provide a layer of protection and control over all data entering or leaving the network.

AdaptiveMobile Security today publicly disclosed details of a major security flaw in the architecture of 5G network slicing and virtualized network functions. The fundamental vulnerability has the potential to allow data access and denial of service attacks between different network slices on a mobile operator's 5G network, leaving enterprise customers exposed to malicious cyberattack.

Industrial giant Honeywell on Tuesday revealed that some of its IT systems were disrupted as a result of a malware attack. The company said the intrusion was detected "Recently" and only a "Limited number" of IT systems were disrupted.