Cybersecurity News


Secured-Core PCs May Mitigate Firmware Attacks, But Adoption Lags

Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet.
02 July 2021

Microsoft Issues New CVE for 'PrintNightmare' Flaw

Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.
02 July 2021

TrickBot Spruces Up Its Banking Trojan Module

TrickBot Spruces Up Its Banking Trojan Module After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game.
02 July 2021

Widespread Brute-Force Attacks Tied to Russia’s APT28

Widespread Brute-Force Attacks Tied to Russia’s APT28 The ongoing attacks are targeting cloud services such as Office 365 to steal passwords and password-spray a vast range of targets, including in U.S. and European governments and military.
02 July 2021

Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks

Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry.
02 July 2021

SOC Investment Improves Detection and Response Times, Data Shows

A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.
02 July 2021

Another 0-Day Looms for Many Western Digital Users

Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can't or won't upgrade to the latest operating system.
02 July 2021

Week in security with Tony Anscombe

Remembering John McAfee, an antivirus software pioneer – Beware these Facebook scams – Data for almost all LinkedIn users scraped and up for sale

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

02 July 2021

Twitter now lets users set security keys as the only 2FA method

You can now secure your account with a physical security key as your sole 2FA method, without any additional 2FA option

The post Twitter now lets users set security keys as the only 2FA method appeared first on WeLiveSecurity

02 July 2021

5 Mistakes That Impact a Security Team's Success

5 Mistakes That Impact a Security Team's Success The way we work and treat each other go a long way in improving our organizations' security posture.
02 July 2021

WFH: A Smart Time to Revisit Employee Use of Social Media

Employers have their hands full when it comes to monitoring online activities that could hurt the brand or violate the organization's core values.
02 July 2021

CISA Offers New Mitigation for PrintNightmare Bug

CISA Offers New Mitigation for PrintNightmare Bug CERT urges administrators to disable the Windows Print spooler service in Domain Controllers and systems that don’t print, while Microsoft attempts to clarify RCE flaw with a new CVE assignment.
02 July 2021

GitHub Unveils AI Tool to Speed Development, but Beware Insecure Code

The company has created an AI system, dubbed Copilot, to offer code suggestions to developers, but warns that any code produced should be tested for defects and vulnerabilities.
01 July 2021

CISA Urges Orgs to Disable Windows Print Spooler on Critical Systems

Patches Microsoft issued last month not effective against exploits targeting "PrintNightmare" flaw, agency and others say.
01 July 2021

Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices

Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices Criminals behind the potent REvil ransomware have ported the malware to Linux for targeted attacks.
01 July 2021

Defeating Ransomware-as-a-Service? Think Intel-Sharing

Defeating Ransomware-as-a-Service? Think Intel-Sharing Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs, explains the rise of RaaS and the critical role of threat intel in effectively defending against it.
01 July 2021

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Financial services giant Intuit this week informed 1.4 million small businesses using its QuickBooks Online Payroll and Intuit Online Payroll products that their payroll information will be shared with big-three consumer credit bureau Equifax starting later this year unless customers opt out by the end of this month. Intuit says the change is tied to an "exciting" and "free" new service that will let millions of small business employees get easy access to employment and income verification services when they wish to apply for a loan or line of credit.
01 July 2021

WhiteHat Security Rebrands as NTT Application Security

The name change follows NTT Security Corporation's acquisition of WhiteHat in 2019.
01 July 2021

Name That Edge Toon: Security Grill

Name That Edge Toon: Security Grill Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
01 July 2021

CISA Updates CSET Tool for Ransomware Defense

A new module provides a set of practices to help organizations assess how well-equipped they are to defend and recover from ransomware.
01 July 2021