Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind a new wave of attacks that compromised 14 downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations, illustrating the adversary’s continuing interest in targeting the supply chain via the “compromise-one-to-compromise-many” approach. Microsoft, which
0 Comments
Virtru, a well-known name in data encryption and privacy, has launched an external zero-trust key-management solution expressly for admins of the Google Cloud Platform (GCPs). Virtru’s cloud-based software protects data throughout its lifecycle as it travels through email and file-sharing platforms, including SaaS solutions, cloud environments, and a diverse range of file ecosystems. It is
0 Comments
PayPal has offered to buy Pinterest for $45 billion (roughly Rs. 3,36,770 crore), people familiar with the matter said, a combination that could herald more financial technology and social media tie-ups in e-ecommerce. It would be the biggest acquisition of a social media company, surpassing Microsoft’s $26.2 billion (roughly Rs. 1,95,990 crore) purchase of LinkedIn in 2016.
0 Comments
Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems. The malicious packages in question — named okhsa, klow, and klown — were published
0 Comments
Apple has updated its App Store rules to allow developers to contact users directly about payments, a concession in a legal settlement with companies challenging its tightly controlled marketplace. According to the App Store rules updated Friday, developers can now contact consumers directly about alternative payment methods, bypassing Apple’s commission of 15 or 30 percent.
0 Comments
Only a handful of the U.K.’s scaling startups are getting the most out of their software subscriptions, according to research from SaaS management software provider Cledara. The report, which surveyed 251 finance managers, IT managers, and executive leaders at U.K. firms with 20-500 employees, revealed that just 14% of respondents think all of their SaaS
0 Comments
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that’s used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named the malware “FiveSys,” calling out its possible credential theft and in-game-purchase hijacking
0 Comments