Cybersecurity News
More Details Emerge on the Microsoft Exchange Server Attacks
The attacks are more widespread than initially reported, researchers say, and a look at why the Microsoft Exchange Server zero-days patched this week are so dangerous.03 March 2021
Intel: Paid Research Caught More Than 90% of Our Vulnerabilities
Internal research and external bug-bounty programs combined to discover the vast majority of reported security issues in the company's software.03 March 2021
Okta to Buy Rival Auth0
The deal, valued at $6.5 billion, will bring together competitors in the identity management space.03 March 2021
Unpatched Bug in WiFi Mouse App Opens PCs to Attack
Wireless mouse-utility lacks proper authentication and opens Windows systems to attack.
03 March 2021
CISA to Federal Agencies: Immediately Patch or 'Disconnect' Microsoft Exchange Servers
The US Department of Homeland Security agency's new emergency directive comes in the wake of major zero-day attacks on email servers revealed by Microsoft this week.03 March 2021
Google Patches Actively-Exploited Flaw in Chrome Browser
A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users.
03 March 2021
Malaysia Air Downplays Frequent-Flyer Program Data Breach
A third-party IT provider exposed valuable airline data that experts say could be a goldmine for cybercriminals.
03 March 2021
Home-Office Photos: A Ripe Cyberattack Vector
Threat actors can use personal information gleaned from images to craft targeted scams, putting personal and corporate data at risk.
03 March 2021
RTM Cybergang Adds New Quoter Ransomware to Crime Spree
The Russian-speaking RTM threat group is targeting organizations in an ongoing campaign that leverages a well-known banking trojan, brand new ransomware strain and extortion tactics.
03 March 2021
Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow
Attackers have weaponized code dependency confusion to target internal apps at tech giants.
03 March 2021
How SolarWinds Busted Up Our Assumptions About Code Signing
With so much automation in code writing process, results are rarely double-checked, which opens the door to vulnerabilities and downright danger.03 March 2021
Microsoft Exchange Zero-Day Attackers Spy on U.S. Targets
Full dumps of email boxes, lateral movement and backdoors characterize sophisticated attacks by a Chinese APT - while more incidents spread like wildfire.
03 March 2021
Design, Security, Tech Is the New Stack You Should Be Building
Instead of different departments managing information systems, Ally Financial has combined data, digitization, security, and design into a single "stack" of human resources.03 March 2021
Ursnif Trojan has targeted over 100 Italian banks
1,700 credentials were stolen from a single payment processor.03 March 2021
Microsoft account hijack vulnerability earns bug bounty hunter $50,000
The researcher says he could have abused the bug to hijack Microsoft accounts.03 March 2021
Google patches actively exploited Chrome browser zero-day vulnerability
Upgrading your Chrome build as quickly as possible is recommended.03 March 2021
Not all cybercriminals are sophisticated
Some perpetrators of online crime and fraud don’t use advanced methods to profit at the expense of unsuspecting victims and to avoid getting caught
The post Not all cybercriminals are sophisticated appeared first on WeLiveSecurity
03 March 2021
SEC charges group for alleged pump-and-dump Airborne Wireless stock scam
SEC claims investors were defrauded out of $45 million.03 March 2021
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
03 March 2021
Policy Group Calls for Public-Private Cyber-Defense Program
The proposed National Cyber Response Network would link federal agencies, companies, and local governments, allowing collaboration during a cyberattack.02 March 2021