SecurityWeek

Researchers have discovered several vulnerabilities in the SHAREit Android application, including flaws that could expose sensitive user data and allow remote code execution.

North Korean hackers tried to break into the computer systems of pharmaceutical giant Pfizer in a search for information on a coronavirus vaccine and treatment technology, South Korea's spy agency said Tuesday, according to reports.

Russia-Linked Threat Group Caught Deploying Backdoors on Linux Servers in an Attack That Triggers New Conversations on Software Supply Chain Security

Many companies still expose SolarWinds Orion to the internet and have failed to take action following the disclosure of the massive SolarWinds breach, according to RiskRecon, a Mastercard company that specializes in risk assessment.

Slovenia-based cybersecurity research company ACROS Security last week announced the release of an unofficial micro-patch for a zero-day vulnerability in Microsoft Internet Explorer (IE) that North Korean hackers are believed to have exploited in a campaign targeting security researchers.

Several cybersecurity-related mergers and acquisitions were announced in the second week of February 2021.

VMware last week informed customers about the availability of patches for a potentially serious vulnerability affecting its vSphere Replication product.vSphere Replication, a VMware vSphere component, is a virtual machine replication engine designed for data protection and disaster recovery.

Accellion has formally announced plans to retire FTA, the large file transfer service that was at the heart of several recently disclosed data breaches.The 20-year-old service is planned for retirement on April 30, 2021, past which Accellion won’t renew licenses for the software.

A man who played a key role in a computer malware scam has been sentenced to two years in prison, federal prosecutors say.

Researchers from Google and Stanford University have analyzed the patterns of more than 1.2 billion email-based phishing and malware attacks targeting Gmail users, and found that most attack campaigns are short-lived and sent to fewer than 1,000 targets.

On the heels of last week’s lye-poisoning attack against a small water plant in Florida, the U.S. government’s cybersecurity agency is pleading with critical infrastructure defenders to rip-and-replace Windows 7 from their networks as a matter of urgency.

This week the United States sentenced a Ukrainian man to prison for his involvement in a scheme to steal money from the bank accounts of U.S. victims and launder the funds to bank accounts overseas.

Improperly generated ISNs (Initial Sequence Numbers) in nine TCP/IP stacks could be abused to hijack connections to vulnerable devices, according to new research from Forescout.

Famed “Shark Tank” investor and cybersecurity entrepreneur Robert Herjavec found himself on the other side of the negotiating table recently, and has agreed to sell a majority stake in the security firm he founded in 2003 to investment group Apex Partners.

The U.S.

Election systems in the U.S. are vulnerable to cyber intrusions similar to the one that hit federal agencies and numerous businesses last year and remain a potential target for foreign hacking, according to a report released Wednesday.

Arlington, Va.-based data privacy management company WireWheel on Wednesday announced that it raised $20 million in a Series B funding round.

The traditional network perimeter has been replaced with multiple edge environments. These include WAN, multi-cloud, IoT, home offices, the new device edge, and more. Each edge environment comes with its own set of unique risks and vulnerabilities, which is why they have become a prime target for cybercriminals, who are shifting significant resources to strategically target and exploit emerging network edge environments.

Autonomous vehicle security solutions provider AUTOCRYPT this week announced that it raised another $13 million in its Series A funding round, which brings the total secured in this round to roughly $15 million.