Security News

SEMPRE provides military-grade 5G and high-performance edge computing infrastructure for telecom operators, first responders, government and enterprise customers. SEMPRE accelerates the transition towards decentralized digital infrastructure by leveraging distributed edge computing optimized for artificial intelligence - making its customers' networks stronger and reducing data transport, while providing them with new revenue opportunities.

As recent ransomware and cyberattacks are highlighting the potential impact of data loss to critical infrastructure, Veeam is strengthening its commitment to deliver Modern Data Protection to the U.S government with additional industry resources. With more than 1,200 government customers, VGS is focused on the backup and protection of mission-critical data for the U.S. Department of Defense, Civilian Agencies, Native American Tribes, the Intelligence Community and Federal System Integrators.

The U.S. Cybersecurity and Infrastructure Security Agency on Tuesday issued an advisory regarding a critical software supply-chain flaw impacting ThroughTek's software development kit that could be abused by an adversary to gain improper access to audio and video streams. ThroughTek's point-to-point SDK is widely used by IoT devices with video surveillance or audio/video transmission capability such as IP cameras, baby and pet monitoring cameras, smart home appliances, and sensors to provide remote access to the media content over the internet.

A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost internet security to penetrate the computers of critical U.S. entities. The Pulse Secure hack has largely gone unnoticed while a series of headline-grabbing ransomware attacks have highlighted the cyber vulnerabilities to U.S. critical infrastructure, including one on a major fuels pipeline that prompted widespread shortages at gas stations.

Cyborg Security unveiled new capabilities within the HUNTER content platform. These capabilities are designed to defend against rapidly evolving threats, including growing attacks on critical infrastructure and supply chains, while reducing Mean-Time-to-Deployment of threat hunting and detection content.

German software maker SAP this week released 17 new security notes documenting security vulnerabilities being fixed as part of the company's June 2021 SAP Security Patch Day. SAP NetWeaver received the largest number of patches with a total of 10 security notes documenting and resolving vulnerabilities.

Google patched more than 90 security vulnerabilities in its Android operating system impacting its Pixel devices and third-party Android handsets, including a critical remote code-execution bug that could allow an attacker to commandeer a targeted vulnerable mobile device. The Android System component of the OS also has a second critical vulnerability, an elevation-of-privilege issue tracked as CVE-2021-0516.

Google this week announced the availability of the latest monthly security patches for the Android operating system, which address more than 50 vulnerabilities, including several rated critical severity. The bug affects Android 8.1, 9, 10, and 11 iterations, the same as another critical flaw in the System component - CVE-2021-0516 - which could lead to elevation of privileges.

Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. "Mass scanning activity detected from 104.40.252.159 checking for VMware vSphere hosts vulnerable to remote code execution," tweeted Troy Mursch, chief research officer at Bad Packets.

Cybersecurity researchers on Thursday disclosed as many as ten critical vulnerabilities impacting CODESYS automation software that could be exploited to achieve remote code execution on programmable logic controllers. The Russian cybersecurity firm noted that it detected the vulnerabilities on a PLC offered by WAGO, which, among other automation technology companies such as Beckhoff, Kontron, Moeller, Festo, Mitsubishi, and HollySys, use CODESYS software for programming and configuring the controllers.