Cybersecurity News


Microsoft Patches 3 Windows Zero-Days Amid 117 CVEs

The July Patch Tuesday release also includes the out-of-band fix for the Windows Print Spooler remote code execution flaw under attack.
13 July 2021

Ransomware Giant REvil’s Sites Disappear

Ransomware Giant REvil’s Sites Disappear Just days after President Biden demanded that Russian President Putin shut down ransomware groups, the servers of one of the biggest groups mysteriously went dark.
13 July 2021

Guess Fashion Brand Deals With Data Loss After Ransomware Attack

Guess Fashion Brand Deals With Data Loss After Ransomware Attack An attack on Guess compromised the personal and banking data of 1,300 victims.
13 July 2021

Unpatched Critical RCE Bug Allows Industrial, Utility Takeovers

Unpatched Critical RCE Bug Allows Industrial, Utility Takeovers The 'ModiPwn' bug lays open production lines, sensors, conveyor belts, elevators, HVACs and more that use Schneider Electric PLCs.
13 July 2021

PCI SSC Shares Resources for Navigating Changing Payment Environments

 

Greetings to our PCI SSC stakeholder community!

With 2021 half done, I wanted to take this opportunity to share with you what the PCI Security Standards Council (PCI SSC) is doing to assist the industry as we continue to navigate the changes brought on by the pandemic. The current phase is a hybrid of old and new, and defined by rapid changes including re-openings and continued, or returning, lockdowns.

13 July 2021

Amazon rolls out encryption for Ring doorbells

Privacy advocates have been asking for Amazon to encrypt its popular Ring doorbells audio and video traffic, and Amazon is finally delivering it.
13 July 2021

Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader

Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader Adobe July patch roundup includes fixes for its ubiquitous and free PDF reader Acrobat 2020 and other software such as Illustrator and Bridge.
13 July 2021

DoD-Validated Data Security Startup Emerges From Stealth

The Code-X platform has been tested by the US Department of Defense and members of the intelligence community.
13 July 2021

Microsoft July 2021 Patch Tuesday: 117 vulnerabilities, Pwn2Own Exchange Server bug fixed

Over 100 CVEs, many of which lead to RCE, have been tackled this month.
13 July 2021

Why We Need to Raise the Red Flag Against FragAttacks

Proliferation of wireless devices increases the risk that corporate networks will be attacked with this newly discovered breed of Wi-Fi-based cyber assault.
13 July 2021

‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars

‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars Professors, journalists and think-tank personnel, beware strangers bearing webinars: It’s the focus of a particularly sophisticated, and chatty, phishing campaign.
13 July 2021

Enterprises Altering Their Supply Chain Defenses on Heels of Latest Breaches

Enterprises Altering Their Supply Chain Defenses on Heels of Latest Breaches More than half of enterprises surveyed for Dark Reading's State of Malware Threats report indicate they are making at least a few changes to their supply chain security defenses following recent attacks on software vendors such as SolarWinds.
13 July 2021

Choosing your MSP: What the Kaseya incident tells us about third‑party cyber risk

Lessons to learn from the Kaseya cyberincident to protect your business' data when doing business with a MSP.

The post Choosing your MSP: What the Kaseya incident tells us about third‑party cyber risk appeared first on WeLiveSecurity

13 July 2021

Can Government Effectively Help Businesses Fight Cybercrime?

From the Biden administration's pledge to take action to INTERPOL's focus on ransomware as a global threat, governments are looking to help businesses cope with cyberattacks. But can it really work?
13 July 2021

Is Remote Desktop Protocol Secure? It Can Be

Is Remote Desktop Protocol Secure? It Can Be Matt Dunn, associate managing director in Kroll's Cyber Risk practice, discusses options for securing RDP, which differ significantly in terms of effectiveness.
13 July 2021

New CISA Director Confirmed, White House Gains Cyber-Director

New CISA Director Confirmed, White House Gains Cyber-Director Jen Easterly, former NSA official and Morgan Stanley vet, will take up the lead at CISA as the ransomware scourge rages on.
13 July 2021

The Trouble With Automated Cybersecurity Defenses

While there's enormous promise in AI-powered tools and machine learning, they are very much a double-edged sword.
13 July 2021

SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack

SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack Microsoft alerted the company to a security vulnerability in its Serv-U Managed File Transfer and Secure FTP products that a cyberattacker is using to target a “limited” amount of customers.
13 July 2021

Tool Sprawl & False Positives Hold Security Teams Back

Security teams spend as much time addressing false positive alerts as they do addressing actual cyberattacks, survey data shows.
13 July 2021

Modipwn: code execution vulnerability discovered in Schneider Electric Modicon PLCs

The security flaw allows attackers to obtain full control over a PLC.
13 July 2021