Cybersecurity News


It's High Time for a Security Scoring System for Applications and Open Source Libraries

It's High Time for a Security Scoring System for Applications and Open Source Libraries A benchmarking system would help buyers choose more secure software products and, more importantly, light a fire underneath software producers to make products secure.
06 July 2021

Alleged Cybercriminal Arrested in Morocco Following Interpol Probe

The suspect operated under the name "Dr Hex" to target thousands of people through phishing, fraud, and carding activities.
06 July 2021

Paving the way: Inspiring Women in Payments - A Q&A featuring Lacey Johnson

 

From Human Resources to IT Senior Program Manager, Lacey Johnson found her way to the payments industry purely randomly, by happy accident. Over time, she has been part of the diversification of her company’s Information Security department, which is now 40 percent women. In this edition of our blog, Lacey explains that while gender diversity and leadership has improved in recent years, there is still more to be done for true equality in the payments space.

06 July 2021

Kaseya Patches Imminent After Zero-Day Exploits, 1,500 Impacted

Kaseya Patches Imminent After Zero-Day Exploits, 1,500 Impacted REvil ransomware gang lowers price for universal decryptor after massive worldwide ransomware push against Kaseya security vulnerability CVE-2021-30116.
06 July 2021

Cyberattack on Kaseya Nets More Than 1,000 Victims, $70M Ransom Demand

The provider of remote monitoring and management services warns customers to not run its software until a patch is available and manually installed.
06 July 2021

8 Ways to Preserve Legal Privilege After a Cybersecurity Incident

Knowing your legal distinctions can make defense easier should you end up in court after a breach, attack, or data loss.
06 July 2021

Website of Mongolian certificate authority served backdoored client installer

Researchers say the domain was breached eight times in a short window.
06 July 2021

Kaseya Attack Fallout: CISA, FBI Offer Guidance

Kaseya Attack Fallout: CISA, FBI Offer Guidance Following a brazen ransomware attack by the REvil cybergang, CISA and FBI offer guidance to victims.
05 July 2021

Watch for Cybersecurity Games at the Tokyo Olympics

The cybersecurity professionals guarding the Summer Olympics are facing at least as much competition as the athletes, and their failure could have steeper ramifications.
05 July 2021

Ransomware Defense: Top 5 Things to Do Right Now

Ransomware Defense: Top 5 Things to Do Right Now Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware.
05 July 2021

Kaseya ransomware supply chain attack: What you need to know

A ransomware gang is demanding a huge payment after a major software supply chain attack. Here is everything we know so far.
05 July 2021

Kaseya supply‑chain attack: What we know so far

As news breaks about the supply-chain ransomware attack against Kaseya's IT management software, here’s what we know so far

The post Kaseya supply‑chain attack: What we know so far appeared first on WeLiveSecurity

03 July 2021

Barracuda Agrees to Acquire Skout Cybersecurity

The acquisition will bring Barracuda into the extended detection and response (XDR) market with a tool for managed service providers.
02 July 2021

Secured-Core PCs May Mitigate Firmware Attacks, But Adoption Lags

Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet.
02 July 2021

Microsoft Issues New CVE for 'PrintNightmare' Flaw

Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.
02 July 2021

TrickBot Spruces Up Its Banking Trojan Module

TrickBot Spruces Up Its Banking Trojan Module After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game.
02 July 2021

Widespread Brute-Force Attacks Tied to Russia’s APT28

Widespread Brute-Force Attacks Tied to Russia’s APT28 The ongoing attacks are targeting cloud services such as Office 365 to steal passwords and password-spray a vast range of targets, including in U.S. and European governments and military.
02 July 2021

Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks

Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry.
02 July 2021

SOC Investment Improves Detection and Response Times, Data Shows

A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.
02 July 2021

Another 0-Day Looms for Many Western Digital Users

Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can't or won't upgrade to the latest operating system.
02 July 2021