Cybersecurity News


Exchange servers under siege from at least 10 APT groups

ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world

The post Exchange servers under siege from at least 10 APT groups appeared first on WeLiveSecurity

10 March 2021

Online health security – when ‘opt out’ isn’t an option

What happens when you try to opt out of e-health to avoid issues in the event of a breach?

The post Online health security – when ‘opt out’ isn’t an option appeared first on WeLiveSecurity

10 March 2021

OVHcloud data centers engulfed in flames

Customers are being urged to launch their own disaster recovery plans.
10 March 2021

Microsoft Patch Tuesday, March 2021 Edition

On the off chance you were looking for more security to-dos from Microsoft today...the company released software updates to plug more than 82 security flaws in Windows and other supported software. Ten of these earned Microsoft's "critical" rating, meaning they can be exploited by malware or miscreants with little or no help from users.
09 March 2021

Apple’s Device Location-Tracking System Could Expose User Identities

Apple’s Device Location-Tracking System Could Expose User Identities Researchers have identified two vulnerabilities in the company’s crowd-sourced Offline Finding technology that could jeopardize its promise of privacy.
09 March 2021

Microsoft Patch Tuesday Updates Fix 14 Critical Bugs

Microsoft Patch Tuesday Updates Fix 14 Critical Bugs Microsoft's regularly scheduled March Patch Tuesday updates address 89 CVEs overall.
09 March 2021

Microsoft Patch Tuesday Fixes 82 CVEs, Internet Explorer Zero-Day

The monthly rollout follows last week's emergency Microsoft Exchange Server patch covering seven CVEs, four of which are under attack.
09 March 2021

Dark Web Markets for Stolen Data See Banner Sales

Dark Web Markets for Stolen Data See Banner Sales Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. That leaves these thriving dirty data dealers in a familiar predicament — they need to lock down their growing businesses for […]
09 March 2021

Warning the World of a Ticking Time Bomb

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a "web shell" backdoor that gives the bad guys total, remote control, the ability to read all email, and easy access to the victim's other computers. Researchers are now racing to identify, alert and help victims, and hopefully prevent further mayhem.
09 March 2021

Adobe Critical Code-Execution Flaws Plague Windows Users

Adobe Critical Code-Execution Flaws Plague Windows Users The critical flaws exist in Adobe Framemaker, Connect and the Creative Cloud desktop application for Windows.
09 March 2021

Linux Foundation Debuts Sigstore Project for Software Signing

Sigstore aims to improve the open source software supply chain by simplifying the process of cryptographic software signing.
09 March 2021

Adobe releases batch of security fixes for Framemaker, Creative Cloud, Connect

This month’s security release tackles a handful of vulnerabilities.
09 March 2021

Microsoft's March Patch Tuesday: Critical remote code execution flaws, IE zero-day fixed

The fixes follow an unscheduled emergency release for Microsoft Exchange Server.
09 March 2021

Dark Reading 'Name That Toon' Winner: Gather 'Round the Campfire

Dark Reading 'Name That Toon' Winner: Gather 'Round the Campfire And the winner of Dark Reading's February cartoon caption contest is ...
09 March 2021

48% of Security Pros Prohibited From Intelligence-Sharing

Some do so anyway, according to new Kaspersky research.
09 March 2021

COVID-19 Contact-Tracing Apps Signal Broader Mobile App Security Concerns

The rapid launch of contract-tracing apps to control COVID-19's spread opened the door to multiple security and privacy vulnerabilities.
09 March 2021

Leaked Development Secrets a Major Issue for Repositories

Every day, more than 5,000 private keys, database connection strings, certificates, and passwords are leaked to GitHub repositories, putting applications at risk.
09 March 2021

Google Play Harbors Malware-Laced Apps Delivering Spy Trojans

Google Play Harbors Malware-Laced Apps Delivering Spy Trojans A never-before-seen malware-dropper, Clast82, fetches the AlienBot and MRAT malware in a savvy Google Play campaign aimed at Android users.
09 March 2021

WhatsApp may soon roll out encrypted chat backups

While chats are end-to-end encrypted, their backups are not – this may change soon

The post WhatsApp may soon roll out encrypted chat backups appeared first on WeLiveSecurity

09 March 2021

Apple Plugs Severe WebKit Remote Code-Execution Hole

Apple Plugs Severe WebKit Remote Code-Execution Hole Apple pushed out security updates for a memory-corruption bug to devices running on iOS, macOS, watchOS and for Safari.
09 March 2021