Cybersecurity News
DDoS Attacks Up 31% in Q1 2021: Report
If pace continues, DDoS attack activity could surpass last year's 10-million attack threshold.Rapid7 Is the Latest Victim of a Software Supply Chain Breach
Security vendor says attackers accessed some of its source code using a previously compromised Bash Uploader script from Codecov.What a Year It’s Been: RSA 2021 Embraces ‘Resilience’
Keynoters from Cisco, Netflix and RSA highlighted lessons from the last year, and cybersecurity's new mandate in the post-pandemic world: Bounce back stronger.
RSAC 2021: What Will SolarWinds' CEO Reveal?
In a keynote conversation with Forrester analyst Laura Koetzle, Sudhakar Ramakrishna will get candid about the historic breach.
DarkSide Hits Toshiba; XSS Forum Bans Ransomware
The criminal forum washed its hands of ransomware after DarkSide's pipeline attack & alleged shutdown: A "loss of servers" that didn't stop another attack.
Bizarro Banking Trojan Sports Sophisticated Backdoor
The advanced Brazilian malware has gone global, harvesting bank logins from Android mobile users.
CISOs Struggle to Cope with Mounting Job Stress
Pandemic and evolving IT demands are having a major, negative impact on CISO’s mental health, a survey found.
Latest Security News From RSAC 2021
Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2021.Latest Security News from RSAC 2021
Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2021.New Technical FAQs for PCI 3DS Security Standards
PCI SSC Sr. Manager Jake Marcinko discusses the two newly published PCI 3DS Core and 3DS SDK Technical FAQ documents (found here).
Try This One Weird Trick Russian Hackers Hate
In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types of virtual keyboards installed -- such as Russian or Ukrainian. So many readers had questions in response to the tweet that I thought it was worth a blog post exploring this one weird cyber defense trick.Agility Broke AppSec. Now It's Going to Fix It.
Outnumbered 100 to 1 by developers, AppSec needs a new model of agility to catch up and protect everything that needs to be secured.Name That Toon: Road Trip
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Take action now – FluBot malware may be on its way
Why FluBot is a major threat for Android users, how to avoid falling victim, and how to get rid of the malware if your device has already been compromised
The post Take action now – FluBot malware may be on its way appeared first on WeLiveSecurity
Android stalkerware threatens victims further and exposes snoopers themselves
ESET research reveals that common Android stalkerware apps are riddled with vulnerabilities that further jeopardize victims and expose the privacy and security of the snoopers themselves
The post Android stalkerware threatens victims further and exposes snoopers themselves appeared first on WeLiveSecurity
How Apple’s AirTag turns us into unwitting spies in a vast surveillance network
The tech giant says it has security safeguards in place. But these tracking devices can be hacked and put to other nefarious purposes
Apple has launched the latest version of its operating system, iOS 14.5, which features the much-anticipated app tracking transparency function, bolstering the tech giant’s privacy credentials.
But iOS 14.5 also introduced support for the new Apple AirTag, which risks doing the opposite.
Related: Apple launches new iMac, iPad Pro, AirTags and Podcast subscriptions
Being around someone with an AirTag is *very* annoying pic.twitter.com/GZj8ZeTCck
A security researcher has found out the microcontroller inside Apple's #AirTag can be reprogrammed, opening the door to AirTag modifications and potential malicious uses. https://t.co/PAKPZab7Ov pic.twitter.com/UVTvPl41Sn
Amazon Sidewalk could help extend the reach of your Wi-Fi, but the company's data-collection habits may outweigh the feature's benefits. https://t.co/gcCKqLJDFy
Continue reading...Rapid7 Source Code Accessed in Supply Chain Attack
An investigation of the Codecov attack revealed intruders accessed Rapid7 source code repositories containing internal credentials and alert-related data.Verizon’s 2021 DBIR: Phishing and ransomware threats looming ever larger
The report provides unique insights into how the COVID-19 pandemic affected the data breach landscape
The post Verizon’s 2021 DBIR: Phishing and ransomware threats looming ever larger appeared first on WeLiveSecurity
FIN7 Backdoor Masquerades as Ethical Hacking Tool
The financially motivated cybercrime gang behind the Carbanak RAT is back with the Lizar malware, which can harvest all kinds of info from Windows machines.
How Faster COVID-19 Research Is Being Made Possible by Secure Silicon
When Intel and Leidos set up a "trusted execution environment" to enable a widespread group of researchers to securely share and confidentially compute real-world data, it was no small achievement.