Cybersecurity News


Storms & Silver Linings: Avoiding the Dangers of Cloud Migration

We hear a lot about the sunlit uplands of cloud-powered business, but what about the risks of making information available across the organization?
24 June 2021

John McAfee, Creator of McAfee Antivirus Software, Dead at 75

McAfee, who was being held in a Spanish jail on US tax-evasion charges, had learned on Monday he would be extradited to the US.
24 June 2021

Tulsa’s Police-Citation Data Leaked by Conti Gang

Tulsa’s Police-Citation Data Leaked by Conti Gang A May 6 ransomware attack caused disruption across several of the municipality’s online services and websites.
24 June 2021

rMTD: A Deception Method That Throws Attackers Off Their Game

rMTD: A Deception Method That Throws Attackers Off Their Game Through a variety of techniques, rotational Moving Target Defense makes existing OS and app vulnerabilities difficult to exploit. Here's how.
24 June 2021

Cybersecurity firms battle DMCA rules over good-faith research

The argument is that current rules are hampering ethical and effective vulnerability reporting.
24 June 2021

BIOSConnect code execution bugs impact millions of Dell devices

A critical bug chain allows attackers to impersonate the vendor and impact code at the root level.
24 June 2021

Atlassian Bugs Could Have Led to 1-Click Takeover

Atlassian Bugs Could Have Led to 1-Click Takeover A supply-chain attack could have siphoned sensitive information out of Jira, such as security issues on Atlassian cloud, Bitbucket and on-prem products.
24 June 2021

30M Dell Devices at Risk for Remote BIOS Attacks, RCE

30M Dell Devices at Risk for Remote BIOS Attacks, RCE Four separate security bugs would give attackers almost complete control and persistence over targeted devices, thanks to a faulty update mechanism.
24 June 2021

One-click account takeover vulnerabilities in Atlassian domains patched

Research was conducted in light of the increasing threat of supply-chain attacks.
24 June 2021

79% of Third-Party Libraries in Apps Are Never Updated

A lack of contextual information and concerns over application disruption among contributing factors.
23 June 2021

VMs Help Ransomware Attackers Evade Detection, But It's Uncommon

Some ransomware attackers use virtual machines to bypass security detection, but adoption is slow for the complicated technique.
23 June 2021

Microsoft Tracks New BazaCall Malware Campaign

Attackers use emails to prompt victims to call a fraudulent call center, where attackers instruct them to download a malicious file.
23 June 2021

New DNS Name Server Hijack Attack Exposes Businesses, Government Agencies

Researchers found a "novel" class of DNS vulnerabilities in AWS Route53 and other DNS-as-a-service offerings that leak sensitive information on corporate and government customers, with one simple registration step.
23 June 2021

 New Training: Work from Home Security Awareness

 

The COVID-19 pandemic has forever changed how companies and employees view working from home. It is estimated that 25-30% of the workforce will be working from home multiple days a week by the end of 2021. In the rush to set up remote work environments, its possible organizations and workers overlooked cybersecurity best practices. To help bridge this knowledge gap, PCI SSC has created a low cost 45-minute training to educate organizations and remote workers on the basics of working from home in a secure manner. We talk with Travis Powell, Director of Training Programs, to learn more about this new training and the importance of prioritizing security in the remote workforce.

23 June 2021

Survey Seeks to Learn How 2020 Changed Security

Respondents to a new Dark Reading/Omdia survey will be entered into a drawing for a Black Hat Black Card.
23 June 2021

Iran Media Websites Seized by U.S. in Disinformation Campaign

Iran Media Websites Seized by U.S. in Disinformation Campaign DoJ uses sanctions laws to shut down an alleged Iranian government malign influence campaign.
23 June 2021

When Will Cybersecurity Operations Adopt the Peter Parker Principle?

When Will Cybersecurity Operations Adopt the Peter Parker Principle? Having a prevention mindset means setting our prevention capabilities to "prevent" instead of relying on detection and response.
23 June 2021

Pandemic-Bored Attackers Pummeled Gaming Industry

Pandemic-Bored Attackers Pummeled Gaming Industry Akamai's 2020 gaming report shows that cyberattacks on the video game industry skyrocketed, shooting up 340 percent in 2020.
23 June 2021

Brave launches its own, privacy‑focused search engine

The Brave Search engine takes on Google, promising to let users surf the web without leaving a trace

The post Brave launches its own, privacy‑focused search engine appeared first on WeLiveSecurity

23 June 2021

Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access

Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, which anchors unified threat intelligence and incident responses.
23 June 2021