May 2021 - Page 4 of 4 - Cyber Security Minute

TsuNAME Vulnerability Can Be Exploited for DDoS Attacks on DNS Servers

Issued by: Security Week

The flaw, dubbed TsuNAME, was discovered by researchers at SIDN Labs (the R&D team of the registry for .nl domains), InternetNZ (the registry for .nz domains), and the Information Science Institute at the University of Southern California. Impacted organizations have been notified and given 90 days to take action before the vulnerability was disclosed. Google…

Application Security

Android App Developers Required by Google to Share More Info on Data Handling

Issued by: Security Week

Planned as a safety section in Google Play, the change is expected to “help people understand the data an app collects or shares, if that data is secured, and additional details that impact privacy and security.” Google is already asking developers to say whether their application is collecting user data, but the new requirement will…

Malware & Threats

Healthcare CIOs fear (and fend off) ransomware threats amid pandemic

Issued by: CIO Security

Mt. San Rafael Hospital thwarted a ransomware attack on one of its sister facilities earlier this year before anything could be compromised. The organization is still working through the details of the hack, says CIO Michael Archuleta, whose hospital is part of the BridgeCare Health Network, which includes five hospitals in Colorado. “It could have…

Software Security

Cisco Patches Critical Flaws in SD-WAN, HyperFlex HX Products

Issued by: Security Week

Two critical vulnerabilities were patched in the SD-WAN vManage software, alongside three high-severity issues. The bugs are not dependent on one another and their exploitation doesn’t require exploitation of the others. One of the critical flaws (CVE-2021-1468, CVSS score 9.8) could allow unauthenticated, remote attackers to call privileged actions and even create new administrative accounts,…

Software Security

Cyber Asset Management Startup JupiterOne Raises $30 Million

Issued by: Security Week

The funding round was led by Sapphire Ventures, with participation from previous investor Bain Capital Ventures. The company plans to use the new funds to scale up its engineering, product development, and go-to-market capabilities. It will also invest in growing its self-service capacity for small and midsize companies. Founded in 2018, the North Carolina-based firm…

Network Security

Acronis Raises $250 Million at $2.5 Billion Valuation

Issued by: Security Week

The funding, which brings the total raised by the company to more than $400 million, was led by CVC Capital Partners VII. Acronis announced achieving “unicorn” status in 2019 after raising $147 million. The money raised in the latest funding round will be invested in sales, staff resources, R&D, and to expand its product portfolio…