Cybersecurity News


Watch Out for These Cyber-Risks

It's difficult to predict what will materialize in the months ahead in terms of cyber-risks, which is why it's wise to review your organization's security posture now.
30 March 2021

What You Need to Know -- or Remember -- About Web Shells

What You Need to Know -- or Remember -- About Web Shells What's old is new again as Web shell malware becomes the latest attack vector in widespread Exchange exploits. Here's a primer on what Web shells are and what they do.
30 March 2021

SolarWinds Attackers Accessed DHS Emails, Report

SolarWinds Attackers Accessed DHS Emails, Report Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary's emails, among others.
30 March 2021

Ghost Users Haunt Healthcare Firms

Data security hygiene severely lacking among healthcare firms, new research shows.
30 March 2021

Backdoor added to PHP source code in Git server breach

Had the incident gone unnoticed, the attackers could have taken over websites using the tainted code

The post Backdoor added to PHP source code in Git server breach appeared first on WeLiveSecurity

30 March 2021

Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain

Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain The Cyber Kill Chain and MITRE ATT&CK are popular reference frameworks to analyze breaches, but amid the rise of XDR, we may need a new one.
30 March 2021

In the Rush to Embrace Hybrid Cloud, Don't Forget About Security

Cloud service providers typically only secure the infrastructure itself, while customers are responsible for their data and application security.
30 March 2021

Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website

Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website A class-action suit in Florida accuses the tech giant of unlawfully intercepting communications by using session-replay software to capture the interaction of people visiting the corporate homepage Intel.com.
30 March 2021

Department of Homeland Security email accounts exposed in SolarWinds hack

Reports suggest Russian threat groups accessed DHS emails during the SolarWinds fiasco.
30 March 2021

Panasonic, McAfee team up to tackle vehicle cybersecurity

Early response tech for physical attacks and cyber intrusions is on the list for development.
30 March 2021

Ransomware group targets Universities of Maryland, California in new data leaks

This follows similar extortion attempts impacting two other US universities this month.
30 March 2021

Manufacturing Firms Learn Cybersecurity the Hard Way

Although 61% of smart factories have experienced a cybersecurity incident, IT groups and operational technology groups still don't collaborate enough on security.
29 March 2021

Pair of Apex Legends Players Banned for DDoS Server Attacks

Pair of Apex Legends Players Banned for DDoS Server Attacks Predator-ranked players on Xbox console game version rigged matches with DDoS attacks.
29 March 2021

Attackers Target PHP Git Server to Backdoor Source Code

The PHP maintainers have decided to make GitHub the official source for PHP repositories going forward.
29 March 2021

SolarWinds Hackers Accessed DHS Chief's Email

Several high-level government accounts were also breached in the attack.
29 March 2021

Hades Ransomware Gang Exhibits Connections to Hafnium

Hades Ransomware Gang Exhibits Connections to Hafnium There could be more than immediately meets the eye with this targeted attack group.
29 March 2021

PHP Infiltrated with Backdoor Malware

PHP Infiltrated with Backdoor Malware The server for the web-application scripting language was compromised on Sunday.
29 March 2021

Apple rushes to patch zero‑day flaw in iOS, iPadOS

The bug is under active exploitation by unknown attackers and affects a wide range of devices, including iPhones, iPads and Apple Watches

The post Apple rushes to patch zero‑day flaw in iOS, iPadOS appeared first on WeLiveSecurity

29 March 2021

4 Open Source Tools to Add to Your Security Arsenal

4 Open Source Tools to Add to Your Security Arsenal Open source solutions can offer an accessible and powerful way to enhance your security-testing capabilities.
29 March 2021

Official PHP Git server targeted in attempt to bury malware in code base

The cyberattack has prompted a rapid and permanent move to GitHub.
29 March 2021