Cybersecurity News


MyBook Investigation Reveals Attackers Exploited Legacy, Zero-Day Vulnerabilities

A previously unknown flaw in Western Digital's older network-attached storage systems allowed unauthenticated commands to trigger a factory reset, formatting the hard drives, says the company after its preliminary investigation.
30 June 2021

MyBook Investigation Reveals Attackers Exploited Legacy, 0-Day Vulnerabilities

A previously unknown flaw in Western Digital's older network-attached storage systems allowed unauthenticated commands to trigger a factory reset, formatting the hard drives, says the company after its preliminary investigation.
30 June 2021

Impersonation Becomes Top Phishing Technique

A new report finds IT, healthcare, and manufacturing are the industries most targeted by phishing emails.
30 June 2021

Indexsinas SMB Worm Campaign Infests Whole Enterprises

Indexsinas SMB Worm Campaign Infests Whole Enterprises The self-propagating malware's attack chain is complex, using former NSA cyberweapons, and ultimately drops cryptominers on targeted machines.
30 June 2021

Attackers Already Unleashing Malware for Apple macOS M1 Chip

Apple security expert Patrick Wardle found that some macOS malware written for the new M1 processor can bypass anti-malware tools.
30 June 2021

Global police shut down VPN service favored by cybercriminals

A global operation takes down the infrastructure of DoubleVPN and seizes data about its customers

The post Global police shut down VPN service favored by cybercriminals appeared first on WeLiveSecurity

30 June 2021

Intl. Law Enforcement Operation Takes Down DoubleVPN

The VPN service allegedly provided a means for cybercriminals to target their victims, Europol officials report.
30 June 2021

3 Things Every CISO Wishes You Understood

Ensuring the CISO's voice is heard by the board will make security top of mind for the business, its employees, and their customers.
30 June 2021

7 Skills the Transportation Sector Needs to Fuel Its Security Teams

7 Skills the Transportation Sector Needs to Fuel Its Security Teams Without a top-notch team to stop attackers, our favorite modes of transportation could come to a screeching halt.
30 June 2021

Why MTTR is Bad for SecOps

Why MTTR is Bad for SecOps Kerry Matre, senior director at Mandiant, discusses the appropriate metrics to use to measure SOC and analyst performance, and how MTTR leads to bad behavior.
30 June 2021

Zero-Day Used to Wipe My Book Live Devices

Zero-Day Used to Wipe My Book Live Devices Threat actors may have been duking it out for control of the compromised devices, first using a 2018 RCE, then password-protecting a new vulnerability.
30 June 2021

PoC Exploit Circulating for Critical Windows Print Spooler Bug

PoC Exploit Circulating for Critical Windows Print Spooler Bug The "PrintNightmare" bug may not be fully patched, some experts are warning, leaving the door open for widespread remote code execution attacks.
30 June 2021

Is Compliance-Only Security Giving Cybercriminals Your Security Playbook?

Compliance-only security strategies aren't working. CISOs should squarely focus on being secure while achieving compliance.
30 June 2021

9 Hot Trends in Cybersecurity Mergers & Acquisitions

9 Hot Trends in Cybersecurity Mergers & Acquisitions Security experts share their observations of the past year in cybersecurity M&A, highlighting key trends and notable deals.
30 June 2021

Feds Told to Better Manage Facial Recognition, Amid Privacy Concerns

Feds Told to Better Manage Facial Recognition, Amid Privacy Concerns A GAO report finds government agencies are using the technology regularly in criminal investigations and to identify travelers, but need stricter management to protect people’s privacy and avoid inaccurate identification
30 June 2021

Common Facebook scams and how to avoid them

Are you on Facebook? So are scammers. Here are some of the most common con jobs on Facebook you should watch out for and how you can tell if you’re being scammed.

The post Common Facebook scams and how to avoid them appeared first on WeLiveSecurity

30 June 2021

Google Updates Vulnerability Data Format to Support Automation

The Open Source Vulnerability schema supports automated vulnerability handling in Go, Rust, Python, and Distributed Weakness Filing system, and it could be the favored format for future exporting of data.
29 June 2021

Ransomware Losses Drive Up Cyber-Insurance Costs

Premiums have gone up by 7% on average for small firms and between 10% and 40% for medium and large businesses.
29 June 2021

Users Clueless About Cybersecurity Risks: Study

Users Clueless About Cybersecurity Risks: Study The return to offices, coupled with uninformed users (including IT pros) has teed up an unprecedented risk of enterprise attack.
29 June 2021

CISA Publishes Catalog of Poor Security Practices

Organizations often focus on promoting best practices, CISA says, but stopping poor security practices is equally important.
29 June 2021