Security News

Researchers at Cybereason say they have discovered an undocumented malware targeting the Russian military sector and bearing the hallmarks of originating in China if not being Chinese state sponsored. One sample was found dropping previously unknown malware, that the Cybereason researchers have now called PortDoor.

Apple patched a zero-day vulnerability in its MacOS that can bypass critical anti-malware capabilities and which a variant of the notorious Mac threat Shlayer adware dropper already has been exploiting for several months. Security researcher Cedric Owens first discovered the vulnerability, tracked as CVE-2021-30657 and patched in macOS 11.3, an update dropped by Apple on Monday.

Source Defense announced its partnership with Prevalent to identify threats and protect online businesses against automated and client-side attacks exploiting third-party code and website access. To improve visibility into these risks Source Defense identifies and analyzes the areas targeted by client-side threats and open-source risks.

Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances - including a zero-day flaw that won't be patched until next month. On Tuesday, IT software supplier Ivanti, the parent of Pulse Secure, issued a wake-up call to its customers by revealing it looks as though select clients were compromised via their encrypted gateways.

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure SSL VPN appliance actively exploited in attacks against worldwide organizations and focused on US Defense Industrial base networks. To mitigate the vulnerability tracked as CVE-2021-22893, Pulse Secure advises customers with gateways running PCS 9.0R3 and higher to upgrade the server software to the 9.1R.11.

Panasonic announced its modular TOUGHBOOK 55 notebook is now available for the defense industry with an integrated Eclypt Core Encrypted Internal Hard Drive from global communications company, Viasat. The Panasonic TOUGHBOOK 55 sets a new standard for rugged mobile computing with users able to customise their device for different tasks while in the field.

The highest-ranked officer in India's armed forces has admitted that China has cyber-war capabilities that can overwhelm his nation's defenses and suggested that only cross-forces collaboration will get India to parity with its giant neighbor. General Bipin Rawat, a four-star general and since 2020 the first to hold a new role of chief of defense staff, offered that assessment yesterday in a talk hosted by Indian think tank the Vivekananda International Foundation.

One solution to the dilemma of using different security defenses is to look for one company that provides everything to replace existing security defenses. To exemplify the idea of centralized cybersecurity Cyrebro has designed a security solution that unifies all of the security tools of an organization to make it easier to track security events, proactively deal with cyber threat intelligence, and ensure a rapid incident response.

Remote working is here to stay, and with this, security and safety have gained even more relevance. Security analysts are receiving thousands of alerts daily, and now with so many remote workers, these alerts could come from thousands of locations.

A report issued on Tuesday by email security provider Armorblox looked at the tactics employed by three recent phishing campaigns and suggests ways to avoid these types of scams. In each case, the emails were able to get past security defenses to end up in the inboxes of their targeted victims.