Cybersecurity News


5 common scams and how to avoid them

Fraudsters are quick to exploit current events for their own gain, but many schemes do the rounds regardless of what’s making the news. Here are 5 common scams you should look out for.

The post 5 common scams and how to avoid them appeared first on WeLiveSecurity

11 January 2021

Security Technology Cannot Stop All Attacks

Technology alone cannot protect you. Bad guys are constantly developing new ways to get past firewalls, anti-virus and filters. You are the best defense against any attacker.
11 January 2021

Some ransomware gangs are going after top execs to pressure companies into paying

Ransomware gangs are prioritizing stealing data from workstations used by executives in the hopes of finding and using valuable information to use in the extortion process.
09 January 2021

Google removes Parler app from Play Store

Google cites the lack of content moderation on the platform and "ongoing and urgent public safety threat."
08 January 2021

Russian Hacker Sentenced to 12 Years for Role in Breaches of JP Morgan, Others

Crimes netted him $19 million overall.
08 January 2021

CISA: SolarWinds hackers also used password guessing to breach targets

CISA says the threat actor behind the SolarWinds hack also used password guessing and password spraying to breach targets, not just trojanized updates.
08 January 2021

Malicious Software Infrastructure Easier to Get and Deploy Than Ever

Malicious Software Infrastructure Easier to Get and Deploy Than Ever Researchers at Recorded Future report a rise in cracked Cobalt Strike and other open-source adversarial tools with easy-to-use interfaces.
08 January 2021

A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets

A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets Threatpost editors discuss the SolarWinds hack, healthcare ransomware attacks and other threats that will plague enterprises in 2021.
08 January 2021

Ryuk Rakes in $150M in Ransom Payments

Ryuk Rakes in $150M in Ransom Payments An examination of the malware gang's payments reveals insights into its economic operations.
08 January 2021

State Department creates bureau to reduce 'likelihood of cyber conflict'

The new Bureau of Cyberspace Security and Emerging Technologies (CSET) will manage cybersecurity issues as part of the US' foreign policy and diplomatic efforts.
08 January 2021

Malware Developers Refresh Their Attack Tools

Cisco analyzes the latest version of the LokiBot malware for stealing credentials, finding that its developers have added more misdirection and anti-analysis features.
08 January 2021

Cartoon: Shakin' It Up at the Office

Cartoon: Shakin' It Up at the Office And the winner of our December cartoon caption contest is ...
08 January 2021

SolarWinds Hires Chris Krebs and Alex Stamos for Breach Recovery

The former US cybersecurity official and former Facebook security chief will help SolarWinds respond to its recent attack and improve security.
08 January 2021

SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack

SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack Former CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group - and have been hired by SolarWinds.
08 January 2021

Week in security with Tony Anscombe

Watch out for a new PayPal smishing campaign – Employee login credentials up for sale – WhatsApp to share more data with Facebook

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

08 January 2021

Chrome, Firefox updates fix severe security bugs

Successful exploitation of some of these flaws could allow attackers to take control of vulnerable systems

The post Chrome, Firefox updates fix severe security bugs appeared first on WeLiveSecurity

08 January 2021

A crypto-mining botnet is now stealing Docker and AWS credentials

After if began stealing AWS credentials last summer, the TeamTNT botnet is now also stealing Docker API logins, making the use of firewalls mandatory for all internet-exposed Docker interfaces.
08 January 2021

Top 5 'Need to Know' Coding Defects for DevSecOps

Integrating static analysis into the development cycle can prevent coding defects and deliver secure software faster.
08 January 2021

FBI Warns of Egregor Attacks on Businesses Worldwide

FBI Warns of Egregor Attacks on Businesses Worldwide The agency said the malware has already compromised more than 150 organizations and provided insight into its ransomware-as-a-service behavior.
08 January 2021

Nvidia releases security update for high-severity graphics driver vulnerabilities

Exploits include data tampering, denial of service, and privilege escalation.
08 January 2021