Security News

A high-severity vulnerability that VMware patched this week in VMware Tools for Windows could be exploited to execute arbitrary code with elevated privileges. Tracked as CVE-2021-21999 and featuring a CVSS score of 7.8, the issue is a local privilege escalation that requires for an attacker to have normal access to a virtual machine for successful exploitation.

Google this week announced that it has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption. FHE enables the processing of encrypted data without providing access to the actual data.

Hackers have breached computer game maker Electronic Arts and stolen source code and related tools for the company's extensive game library, the company has confirmed. EA said it's investigating "a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen," according to a statement published in numerous online reports.

Tavant announced the new version of its end-to-end test automation framework, FIRE 5.0. Tavant's FIRE 5.0 is a comprehensive tool and technology agnostic-test automation framework.

Cisco and AT&T are making it easier for businesses to adapt to the future of work, whatever it may be. "Our Webex solutions transformed the cloud calling experience and combine enterprise-calling features with market-leading virtual meetings and collaboration technology - all within the Webex App. And we're proud to work with AT&T to provide its customers and employees with the tools and technologies they require to thrive in the new hybrid workplace."

SignalWire announced that it has raised $30 Million in a Series B round to accelerate the creation of the next generation of unified cloud communications tools. Since its inception, SignalWire's singular focus has been on the democratization of communications applications, and it is now building the infrastructure for Telecom 2.0, the next generation of modern telecommunications technologies.

Kali Linux 2021.2 was released today by Offensive Security and includes new themes and features, such as access to privileged ports, new tools, and a console-based configuration utility. Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits.

Offensive Security has released Kali Linux 2021.2, the latest version of its popular open source penetration testing platform. Offensive Security has introduced two new tools for making Kali easier to use: Kaboxer and Kali-Tweaks.

The latest escalation of the cybersecurity arms race finds threat actors following their targets into the cloud as they start to launch difficult-to-detect attacks by leveraging trusted domains owned by companies like Google and Microsoft. According to a blog post from cybersecurity software company Proofpoint, cloud collaboration tools like Microsoft 365, Azure, OneDrive, SharePoint, G-Suite and Firebase are being used to launch an increasing number of cyberattacks, and their cloud-hosted nature makes them difficult to detect.

As modern infrastructures get more complex everyday, DevOps teams have a hard time tracking infrastructure drift. The multiplicity of parameters turns infrastructure drift into a multidimensional issue as this situation implies tracking changes across a combination of setups over time.