Cybersecurity News


BazaLoader Attackers Create Fake Movie Streaming Site to Trick Victims

The BazaLoader infection chain includes a live call center and "customer service" from criminals, researchers report.
27 May 2021

Acronis: Pandemic Hastened Cloud Migration, Prompting New Security Issues

SPONSORED: WATCH NOW -- The COVID-19 pandemic has accelerated an ongoing shift in data away from business data centers to home offices and the cloud, explains Candid Wuest, VP of cyber protection research for Acronis.
27 May 2021

Let's Stop Blaming Employees for Our Data Breaches

Assuming employees want to steal trade secrets pits them against your security teams, creates stress and reduces productivity.
27 May 2021

DHS Orders Pipeline Operators to Report Cyberattacks, Review Security Posture

On the heels of the Colonial Pipeline attack, the US Department of Homeland Security aims to force a reticent industry to improve its ability to detect and respond to cybersecurity attacks.
27 May 2021

How Menlo Uses Isolation to Secure Mobile Devices in the Cloud

SPONSORED: WATCH NOW -- Mobile devices like smartphones and tablets have emerged as popular targets for bad actors looking to break into to cloud-based networks, according to Poornima DeBolle, chief product officer for Menlo Security.
27 May 2021

Prevention Is the Only Cure: The Dangers of Legacy Systems

Prolonged exposure to poorly managed legacy IT devices proves time and time again the familiar adage: What can go wrong will go wrong.
27 May 2021

Fujitsu SaaS Hack Sends Govt. of Japan Scrambling

Fujitsu SaaS Hack Sends Govt. of Japan Scrambling Tech giant disables ProjectWEB cloud-based collaboration platform after threat actors gained access and nabbed files belonging to several state entities.
27 May 2021

Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues

Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues David Wolpoff, CTO at Randori, argues that the call for rapid cloud transition Is a dangerous proposition: "Mistakes will be made, creating opportunities for our adversaries.
27 May 2021

ExtraHop Explains How Advanced Threats Dominate Threat Landscape

SPONSORED: WATCH NOW -- How do SOC professionals build a strategy when they lack basic information about how such threats operate? Advanced threats by their very nature create plenty of uncertainty, according to Matt Cauthorn, VP of cloud security for ExtraHop.
27 May 2021

Fake human rights organization, UN branding used to target Uyghurs in ongoing cyberattacks

The ethnic group is being targeted in spy campaigns under the guise of the United Nations.
27 May 2021

I hacked my friend’s website after a SIM swap attack

Here’s how easily your phone number could be stolen, why a successful SIM swap scam is only the beginning of your problems, and how you can avoid becoming a victim of the attack

The post I hacked my friend’s website after a SIM swap attack appeared first on WeLiveSecurity

27 May 2021

Enterprises Applying OS Patches Faster as Endpoint Risks Grow

New study shows sharp increase in number of endpoint devices with sensitive data on them.
26 May 2021

Google Discovers New Rowhammer Attack Technique

Researchers publish the details of a new Rowhammer vulnerability called "Half-Double" that exploits increasingly smaller DRAM chips.
26 May 2021

Zscaler Buys Deception Technology Startup

ZScaler's CEO says Smokescreen Technologies' capabilities will be integrated with Zscaler's ZIA and ZPA products.
26 May 2021

PDF Feature ‘Certified’ Widely Vulnerable to Attack

PDF Feature ‘Certified’ Widely Vulnerable to Attack Researchers found flaws most of the ‘popular’ PDF applications tested.
26 May 2021

VMware Sounds Ransomware Alarm Over Critical Severity Bug

VMware Sounds Ransomware Alarm Over Critical Severity Bug VMware’s virtualization management platform, vCenter Server, has a critical severity bug the company is urging customers to patch “as soon as possible”.
26 May 2021

Bluetooth bugs could allow attackers to impersonate devices

Patches to remedy the vulnerabilities should be released over the coming weeks

The post Bluetooth bugs could allow attackers to impersonate devices appeared first on WeLiveSecurity

26 May 2021

Cisco: Reduced Complexity in the SOC Improves Enterprise Security

SPONSORED: WATCH NOW -- All it took was a global pandemic and a shift to working from home to expose security operations centers' open secret: Too much software, systems, and data to filter. Dug Song, chief strategy officer of Cisco Secure, makes a strong case for why reducing that complexity is the only tenable way forward for security professionals.
26 May 2021

BazaLoader Masquerades as Movie-Streaming Service

BazaLoader Masquerades as Movie-Streaming Service The website for “BravoMovies” features fake movie posters and a FAQ with a rigged Excel spreadsheet for “cancelling” the service, but all it downloads is malware.
26 May 2021

Bug Bounties and the Cobra Effect

Are bug bounty programs allowing software companies to skirt their responsibility to make better, more secure products from the get-go?
26 May 2021