Media coverage - 2021

Media coverage published in 2021

Apple to Start Enforcing New App Privacy Notifications

April 8, 2021

Security Magazine

Apple announced it will start enforcing a new privacy notification rule that digital advertising firms such as Facebook have warned will hurt their profits. According to a Reuters report, the notices will be mandatory when its iOS 14.5 operating system becomes available. The notices will require an app developer to ask a user's permission before the app can track activity across companies' apps and websites.


New Report Reveals Collaboration Platform Security Risks

April 8, 2021

Security Magazine

According to a new report, communication platforms have allowed attackers to circumvent perimeter security controls and maximize infection capabilities. Over the past year, adversaries have increasingly relied on these platforms as part of the infection process.


Threat Actors Targeted Slack and Discord as the Pandemic Raged On

April 8, 2021

SC Magazine

Researchers on Wednesday reported that as the pandemic continued this past year, threat actors adjusted to employee reliance on new communications technologies such as Slack and Discord and launched targeted malware attacks on those platforms.


SolarWinds Was A Dangerous Precedent – How Can the Supply Chain Be Secured?

April 7, 2021

Cyber Defence Magazine

Gregory Cardiet, our Sr. Director of security engineering, discusses how the latest SolarWinds incident has served as a wake-up call for organizations to be vigilant against supply chain attacks.


Attackers Blowing Up Discord, Slack with Malware

April 7, 2021

Threatpost

Workflow and collaboration tools like Slack and Discord have been infiltrated by threat actors, who are abusing their legitimate functions to evade security and deliver info-stealers, remote-access trojans (RATs) and other malware.


Rethinking Cyberattack Response: Prevention & Preparedness

April 7, 2021

Dark Reading

Our CEO, Hitesh Sheth, says that SolarWinds should be remembered as a trigger for companies to improve their security posture and be prepared for that inevitable breach. He believes that cybersecurity incident response needs to shift its focus from prevention to preparedness.


Facebook User Data Exposed Again; 533 Million Accounts Affected

April 6, 2021

Sinclair Broadcast Group

More than a half-billion Facebook users had their personal information leaked in the latest reported breach that has brought attention back to the social media giant's poor record of protecting users' data and privacy.


All Eyes on PCAP: The Gold Standard of Traffic Analysis

April 6, 2021

Security Week

PCAP, or full packet data capture for analysis, does what it says – it captures the entirety of every packet that comprises the network traffic (both metadata and content). If something happens on the network, PCAP knows about it. Whether it is malware moving data around, or staff arranging a private party, it can be captured and then analyzed.


Leveraging usage patterns and behaviors to protect Office 365

April 5, 2021

Security MEA

Account takeover in Office 365 is said to become the largest security threat in the cloud. Vectra acknowledges this, and in an interview with Security MEA, Ammar Enaya, regional director – Middle East, Turkey & North Africa (METNA) at Vectra AI, elaborates on some of the key points related to cyber-attacks and Office 365.


CISA Releases Supplemental Direction On Emergency Directive for Microsoft Exchange Server

April 2, 2021

Security Magazine

CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities, providing additional forensic triage and server hardening requirements for federal agencies. Specifically, this update directs federal departments and agencies to run newly developed tools (Microsoft’s Test-ProxyLogon.ps1 script and Safety Scanner MSERT) to investigate whether their Microsoft Exchange Servers have been compromised.


CISA Orders Action Against Exchange Vulnerabilities

April 1, 2021

Security Boulevard

Underscoring the continued potential threat from the recently discovered exploitation of vulnerabilities in Microsoft Exchange Servers, the Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to take a number of actions to shore up security, including immediately scanning the servers for malware.


Enterprises Remain Riddled With Overprivileged Users -- and Attackers Know It

April 1, 2021

Dark Reading

Recent breaches have underscored the dangers of overprivileged user accounts and software processes, highlighting the need for companies to discover and mitigate the privileged accounts that could be used by attackers to further compromise important systems and applications.


7 Security Strategies as Employees Return to the Office

April 1, 2021

Dark Reading

Sooner rather than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.


CISA Encourages Everyone to Follow Updated Guidance for Microsoft Exchange Fixes

April 1, 2021

SC Magazine

CISA encourages all organizations to fix Microsoft Exchange vulnerabilities in the wake of massive exploitation campaigns targeting the software. Tim Wade from Vectra discusses how CISA has instructed organizations with insufficient cybersecurity expertise to fully disconnect their on-premises Exchange infrastructure; instructions for rebuilding and reprovisioning are provided.


CISA Orders Agencies to Recheck for Exchange Compromises

April 1, 2021

Gov Info Security

The Cybersecurity and Infrastructure Security Agency is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to unpatched vulnerabilities in on-premises Microsoft Exchange email servers. In addition, the agencies have until June 28 to implement CISA's recommended steps to harden their infrastructure against attacks.


SolarWinds Attackers Accessed DHS Emails, Report

March 30, 2021

Threatpost

Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary’s emails, among others. The SolarWinds cyberattackers compromised the head of the Department of Homeland Security (DHS) under former president Trump and other top-ranking members of the department’s cybersecurity staff, according to a report.


SolarWinds Attackers Accessed DHS Secretary’s Emails — Report

March 30, 2021

Infosecurity Magazine

Suspected Russian hackers managed to access the emails of Donald Trump’s last Department of Homeland Security (DHS) chief, in an intelligence coup for the Kremlin, according to a new report. Email accounts belonging to then-acting secretary Chad Wolf were reportedly compromised by attackers during the months-long campaign, although it’s not clear what information was taken. Email accounts belonging to cybersecurity staff whose job it was to tackle foreign cyber-threats were also apparently affected.


SolarWinds Hackers Reportedly Gained Access to Emails of Top Homeland Security Officials

March 30, 2021

Silicon Angle

The latest confirmed victim in the now infamous SolarWinds Worldwide hack is reported to be the U.S. Department of Homeland Security, as email accounts belonging to the then-DHS head and cybersecurity staff were breached.


Pair of Apex Legends Players Banned for DDoS Server Attacks

March 29, 2021

Threatpost

Two high-ranked Apex Legends players have been banned from the platform for cheating by launching distributed denial-of-service (DDoS) attacks on an Xbox server. The players, who had achieved the rank of “Apex Predators” in the console version of the game, haven’t been named, but the whole thing went down publicly on Reddit’s r/apexlegends forum over the weekend.


Suspected Russian Hackers Gained Access to US Homeland Security Emails

March 29, 2021

The Guardian

Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of homeland security (DHS) and members of cybersecurity staff whose jobs included hunting threats from foreign countries, the Associated Press (AP) has learned.


Cybersecurity: The Massive Hacking of Email Inboxes, a Real "Grenade With the Pin Pulled"

March 28, 2021

Le Parisien

The ProxyLogon security flaws, which affect Microsoft Exchange servers, have opened the way to targeted cyberattacks such as spear phishing or ransomware deployment, despite the security patch issued as an emergency. Businesses and local authorities remain highly vulnerable.


Slack Removes Message Invites in DM Feature Over Harassment Concerns

March 26, 2021

Security Magazine

Slack rolled out a new cross-organizational direct messaging feature, and hours later disabled the option to send a message alongside an invite due to concerns that the feature could be used to send abusive messages or enable harassment. Our CTO, Oliver Tavakoli, shares his thoughts.


Slack Partially Rolls Back New Direct-Messaging Service Over Harassment Concerns

March 25, 2021

Silicon Angle

Messaging platform provider Slack Technologies Inc. has partially rolled back a new direct-message feature hours after launching it due to concerns that it could be used for harassment. Oliver Tavakoli, our CTO, shared that when a collaboration platform adds features which extend beyond a single organization’s boundary, a complex set of issues inevitably arises.


New Slack Connect DM Feature Raises Security Concerns

March 25, 2021

Security Week

Business communications platform Slack rushed to take action on Wednesday after customers raised security-related concerns regarding a new feature that allows users to send direct messages to any other Slack user.


6 Tips for Limiting Damage from Third-Party Attacks

March 25, 2021

Dark Reading

The ability to protect your organization from third-party attacks will become increasingly critical as attackers try to maximize the effectiveness of their malicious campaigns.
