Cybersecurity News
Second SolarWinds Attack Group Breaks into USDA Payroll — Report
A second APT, potentially linked to the Chinese government, could be behind the Supernova malware.
03 February 2021
Patch Imperfect: Software Fixes Failing to Shut Out Attackers
Incomplete patches are allowing attackers to continue exploiting the same vulnerabilities, reducing the cost to compromise.03 February 2021
New Malware Hijacks Kubernetes Clusters to Mine Monero
Researchers warn that the Hildegard malware is part of 'one of the most complicated attacks targeting Kubernetes.'
03 February 2021
Trucking company Forward Air said its ransomware incident cost it $7.5 million
Even if the company recovered from the ransomware attack, the incident left a mark on its Q4 2020 bottom line.03 February 2021
An Observability Pipeline Could Save Your SecOps Team
Traditional monitoring approaches are proving brittle as security operations teams need better visibility into dynamic environments.03 February 2021
Identity theft spikes amid pandemic
The US Federal Trade Commission received 1.4 million reports of identity theft last year, double the number from 2019
The post Identity theft spikes amid pandemic appeared first on WeLiveSecurity
03 February 2021
SolarWinds Attackers Spent Months in Corporate Email System: Report
SolarWinds' CEO says evidence indicates attackers lurked in the company's Office 365 email system for months ahead of the attack.03 February 2021
Cisco Meraki and Openpath launch new enterprise access, video security solution
The offering combines smart camera technology with modern secure access enhancements.03 February 2021
What I Wish I Knew at the Start of My InfoSec Career
Security pros identify lessons learned that impact how they view infosec today.
03 February 2021
Five Critical Android Bugs Patched, Part of Feb. Security Bulletin
February’s security update for the mobile OS includes a Qualcomm flaw rated critical, with a CVSS score of 9.8.
03 February 2021
Security in a Complex World
Innovation and complexity can co-exist; the key is to use innovation to make ever-expanding complexity comprehensible and its effects predictable.03 February 2021
Microsoft Defender ATP is detecting yesterday's Chrome update as a backdoor
Microsoft commercial antivirus product is labeling Chrome's latest update as being infected with the Funvalget backdoor.03 February 2021
Concerns Over API Security Grow as Attacks Increase
Some 66% of organizations say they have slowed deploying an app into production because of API security concerns.03 February 2021
SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover
The by-now infamous company has issued patches for three security vulnerabilities in total.
03 February 2021
Mozilla expected to launch its VPN service in Germany and France in Q1 2021
Mozilla VPN is currently available in the US, the UK, Canada, New Zealand, Singapore, and Malaysia only.03 February 2021
Recent root-giving Sudo bug also impacts macOS
A bug in the Sudo app can let attackers with access to a local system to elevate their access to a root-level account.02 February 2021
FTC: ID Theft Doubled in 2020
The Federal Trade Commission said a surge in reports of identity theft occurred amid the COVID-19 pandemic.02 February 2021
Agent Tesla Upgrades with New Delivery & Evasion Tactics
A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.02 February 2021
TrickBot Continues Resurgence with Port-Scanning Module
The infamous malware has incorporated the legitimate Masscan tool, which looks for open TCP/IP ports with lightning-fast results.
02 February 2021
Average Ransom Payments Declined Last Quarter
More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.02 February 2021