Cybersecurity News
How Fake Accounts and Sneaker-Bots Took Over the Internet

08 July 2021
Microsoft issues patch to fix PrintNightmare zero‑day bug
The out-of-band update fixes a remote code execution flaw affecting the Windows Print Spooler service
The post Microsoft issues patch to fix PrintNightmare zero‑day bug appeared first on WeLiveSecurity
08 July 2021
Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software
Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya's customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.08 July 2021
Kaseya Hacked via Authentication Bypass
The Kaseya ransomware attack is believed to have been down to an authentication bypass. Yes, ransomware needs to be on your radar -- but good authentication practices are also imperative.08 July 2021
The NSA's 'New' Mission: Get More Public With the Private Sector
The National Security Agency's gradual emergence from the shadows was "inevitable" in cybersecurity, says Vinnie Liu, co-founder and CEO of offensive security firm Bishop Fox and a former NSA analyst. Now the agency has to figure out how to best work with the private sector, especially organizations outside the well-resourced and seasoned Fortune 100.08 July 2021
Ransomware as a service: Negotiators are now in high demand
RaaS groups are hiring negotiators whose primary role is to force victims to pay up.08 July 2021
What Colonial Pipeline Means for Commercial Building Cybersecurity
Banks and hospitals may be common targets, but now commercial real estate must learn to protect itself against stealthy hackers.08 July 2021
Coursera API vulnerabilities disclosed by researchers
Coursera took “prompt ownership” of the bugs, once reported.08 July 2021
170 Android cryptocurrency mining scam apps have stolen $350,000 from users
Users are paying up in the belief they are mining cryptocurrency. In reality, they get nothing.08 July 2021
Ransomware: To pay or not to pay? Legal or illegal? These are the questions …
Caught between a rock and a hard place, many ransomware victims cave in to extortion demands. Here’s what might change the calculus.
The post Ransomware: To pay or not to pay? Legal or illegal? These are the questions … appeared first on WeLiveSecurity
08 July 2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Automation allowed a REvil affiliate to move from exploitation of vulnerable servers to installing ransomware on downstream companies faster than most defenders could react.07 July 2021
Fake Android Apps Promise Cryptomining Services to Steal Funds
Researchers discover more than 170 Android apps that advertise cloud cryptocurrency mining services and fail to deliver.07 July 2021
Sophos Acquires Capsule8 for Linux Server & Container Security
The deal was announced the same day ZeroFox bought Dark Web intelligence firm Vigilante as a wave of security M&A continues.07 July 2021
Critical Sage X3 RCE Bug Allows Full System Takeovers

07 July 2021
MacOS Targeted in WildPressure APT Malware Campaign

07 July 2021
Are Security Attestations a Necessity for SaaS Businesses?

07 July 2021
Microsoft Releases Emergency Patch for 'PrintNightmare' Vuln
It organizations to immediately apply security update, citing exploit activity.07 July 2021
Suspected ‘Dr HeX’ Hacker Busted for 9 Years of Phishing

07 July 2021
Security 101: The 'PrintNightmare' Flaw

07 July 2021
Fake Kaseya VSA Security Update Drops Cobalt Strike

07 July 2021