Cybersecurity News
Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet
Three weeks after company disclosed two critical vulnerabilities in the workload management utility, many organizations have not patched the technology yet, security vendor says.15 June 2021
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Attackers had used the cloud-based infrastructure to target mailboxes and add forwarding rules to learn about financial transactions.15 June 2021
Security Experts Scrutinize Apple, Amazon IoT Networks
Both companies have done their due diligence in creating connected-device networks, but the pervasiveness of the devices worries some security researchers.15 June 2021
Millions of Connected Cameras Open to Eavesdropping

15 June 2021
Andariel Group Targets South Korean Entities in New Campaign
Andariel, designated as a sub-group of the Lazarus Group APT, has historically targeted South Korean organzations.15 June 2021
Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities
Terbium Labs' products and services will become part of Deloitte's Detect & Respond lineup, the company confirms.15 June 2021
Malicious PDFs Flood the Web, Lead to Password-Snarfing

15 June 2021
What Industrial Control System Vulnerabilities Can Teach Us About Protecting the Supply Chain
Older technologies used in industrial and critical infrastructure leave the sector highly vulnerable to attack, but organizations can take steps to better protect themselves.15 June 2021
Microsoft Disrupts Large-Scale, Cloud-Based BEC Campaign

15 June 2021
Microsoft takes down large‑scale BEC operation
The fraudsters ran their campaigns from the cloud and used phishing and email forwarding rules to steal their targets' financial information.
The post Microsoft takes down large‑scale BEC operation appeared first on WeLiveSecurity
15 June 2021
How President Biden Can Better Defend the US From Russian Hacks

15 June 2021
How Does One Get Hired by a Top Cybercrime Gang?
The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Just how did a self-employed web site designer and mother of two come to work for one of the world’s most rapacious cybercriminal groups and then leave such an obvious trail of clues indicating her involvement with the gang? This post explores answers to those questions, as well as some of the ways Trickbot and other organized cybercrime gangs gradually recruit, groom and trust new programmers.15 June 2021
Insider Risks In the Work-From-Home World

15 June 2021
SASE & Zero Trust: The Dream Team

15 June 2021
How Does the Government Buy Its Cybersecurity?
The federal government is emphasizing cybersecurity regulation, education, and defense strategies this year.15 June 2021
Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched
Close to a month on, internet-facing servers remain vulnerable to attack.15 June 2021
Microsoft Gets Second Shot at Banning hiQ from Scraping LinkedIn User Data

15 June 2021
Apple Hurries Patches for Safari Bugs Under Active Attack

15 June 2021
Pandemic prompts digital ‘boom’ in account creation - as well as password fatigue
Lockdown forced many of us online and this hasn't helped our security postures.15 June 2021
VPN Attacks Surged in First Quarter
But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown.14 June 2021