Cybersecurity News


The Trouble With Automated Cybersecurity Defenses

While there's enormous promise in AI-powered tools and machine learning, they are very much a double-edged sword.
13 July 2021

SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack

SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack Microsoft alerted the company to a security vulnerability in its Serv-U Managed File Transfer and Secure FTP products that a cyberattacker is using to target a “limited” amount of customers.
13 July 2021

Tool Sprawl & False Positives Hold Security Teams Back

Security teams spend as much time addressing false positive alerts as they do addressing actual cyberattacks, survey data shows.
13 July 2021

Modipwn: code execution vulnerability discovered in Schneider Electric Modicon PLCs

The security flaw allows attackers to obtain full control over a PLC.
13 July 2021

Google's Certificate Authority Service leaves preview, now generally available

Google CAS was launched to handle the "growth in certificates in the digital world."
13 July 2021

The hybrid workplace: What does it mean for cybersecurity?

How can organizations mitigate the risk of damaging cyberattacks while juggling the constantly changing mix of office and off-site workers?

The post The hybrid workplace: What does it mean for cybersecurity? appeared first on WeLiveSecurity

13 July 2021

SolarWinds Discloses Zero-Day Under Active Attack

The company confirms this is a new vulnerability that is not related to the supply chain attack discovered in December 2020.
12 July 2021

BIOPASS RAT Uses Live Streaming Steal Victims’ Data

BIOPASS RAT Uses Live Streaming Steal Victims’ Data The malware has targeted Chinese gambling sites with fake app installers.
12 July 2021

WordPress File Management Plugin Riddled with Critical Bugs

WordPress File Management Plugin Riddled with Critical Bugs The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution.
12 July 2021

Microsoft Confirms Acquisition of RiskIQ

RiskIQ's technology helps businesses assess their security across the Microsoft cloud, Amazon Web Services, other clouds, and on-premises.
12 July 2021

Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack

Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack The attacks are enabled by an unpatched security vulnerability in ForgeRock's Access Management, a popular platform that front-ends web apps and remote-access setups.
12 July 2021

Kaseya Patches Zero-Days Used in REvil Attacks

Kaseya Patches Zero-Days Used in REvil Attacks The security update addresses three VSA vulnerabilities used by the ransomware gang to launch a worldwide supply-chain attack on MSPs and their customers.
12 July 2021

Kaseya Releases Security Patch as Companies Continue to Recover

Estimates indicate the number of affected companies could grow, while Kaseya faces renewed scrutiny as former employees reportedly criticize its lack of focus on security.
12 July 2021

AI and Cybersecurity: Making Sense of the Confusion

Artificial intelligence is a maturing area in cybersecurity, but there are different concerns depending on whether you're a defender or an attacker.
12 July 2021

Navigating Active Directory Security: Dangers and Defenses

Navigating Active Directory Security: Dangers and Defenses Microsoft Active Directory, ubiquitous across enterprises, has long been a primary target for attackers seeking network access and sensitive data.
12 July 2021

Cybercriminals troll Iran's leader, cause railway network 'chaos'

Train services were disrupted and the help desk number given was that of Iran's Supreme Leader.
12 July 2021

Kaseya issues patch for on-premise customers, SaaS rollout underway

Support teams are working with clients to apply critical security fixes.
12 July 2021

Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems

Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems Cybersecurity is one of the most important topics on the global agenda, boosted by the pandemic. As the global digitalisation is further accelerating, the world is becoming ever more interconnected. Digital ecosystems are being created all around us: countries, corporations and individuals are taking advantage of the rapid spread of the Internet and smart devices. In this context, a single vulnerable link is enough to bring down the entire system, just like the domino effect.
10 July 2021

How Dangerous is Malware? New Report Finds It's Tough to Tell

Determining which malware is most damaging, and worthy of immediate attention, has become difficult in environments filled with alerts and noise.
09 July 2021

Spike in “Chain Gang” Destructive Attacks on ATMs

Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside. Now it appears the crime -- known variously as "ATM smash-and-grab" and "chain gang" attacks -- is rapidly increasing in other states.
09 July 2021