Cybersecurity News


Nobelium Phishing Campaign Poses as USAID

Nobelium Phishing Campaign Poses as USAID Microsoft uncovered the SolarWinds crooks using mass-mail service Constant Contact and posing as a U.S.-based development organization to deliver malicious URLs to more than 150 organizations.
28 May 2021

Building Multilayered Security for Modern Threats

Building Multilayered Security for Modern Threats Justin Jett, director of audit and compliance for Plixer, discusses the elements of a successful advanced security posture.
28 May 2021

Researchers find four new malware tools created to exploit Pulse Secure VPN appliances

There are now at least 16 malware families designed to compromise Pulse Secure VPN products.
28 May 2021

Targeted AnyDesk Ads on Google Served Up Weaponized App

Targeted AnyDesk Ads on Google Served Up Weaponized App Malicious ad campaign was able to rank higher in searches than legitimate AnyDesk ads.
27 May 2021

'Have I Been Pwned' Code Base Now Open Source

Founder Troy Hunt also announces the platform will receive compromised passwords the FBI finds in its investigations.
27 May 2021

BazaLoader Attackers Create Fake Movie Streaming Site to Trick Victims

The BazaLoader infection chain includes a live call center and "customer service" from criminals, researchers report.
27 May 2021

Acronis: Pandemic Hastened Cloud Migration, Prompting New Security Issues

SPONSORED: WATCH NOW -- The COVID-19 pandemic has accelerated an ongoing shift in data away from business data centers to home offices and the cloud, explains Candid Wuest, VP of cyber protection research for Acronis.
27 May 2021

Let's Stop Blaming Employees for Our Data Breaches

Assuming employees want to steal trade secrets pits them against your security teams, creates stress and reduces productivity.
27 May 2021

DHS Orders Pipeline Operators to Report Cyberattacks, Review Security Posture

On the heels of the Colonial Pipeline attack, the US Department of Homeland Security aims to force a reticent industry to improve its ability to detect and respond to cybersecurity attacks.
27 May 2021

How Menlo Uses Isolation to Secure Mobile Devices in the Cloud

SPONSORED: WATCH NOW -- Mobile devices like smartphones and tablets have emerged as popular targets for bad actors looking to break into to cloud-based networks, according to Poornima DeBolle, chief product officer for Menlo Security.
27 May 2021

Prevention Is the Only Cure: The Dangers of Legacy Systems

Prolonged exposure to poorly managed legacy IT devices proves time and time again the familiar adage: What can go wrong will go wrong.
27 May 2021

Fujitsu SaaS Hack Sends Govt. of Japan Scrambling

Fujitsu SaaS Hack Sends Govt. of Japan Scrambling Tech giant disables ProjectWEB cloud-based collaboration platform after threat actors gained access and nabbed files belonging to several state entities.
27 May 2021

Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues

Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues David Wolpoff, CTO at Randori, argues that the call for rapid cloud transition Is a dangerous proposition: "Mistakes will be made, creating opportunities for our adversaries.
27 May 2021

ExtraHop Explains How Advanced Threats Dominate Threat Landscape

SPONSORED: WATCH NOW -- How do SOC professionals build a strategy when they lack basic information about how such threats operate? Advanced threats by their very nature create plenty of uncertainty, according to Matt Cauthorn, VP of cloud security for ExtraHop.
27 May 2021

Fake human rights organization, UN branding used to target Uyghurs in ongoing cyberattacks

The ethnic group is being targeted in spy campaigns under the guise of the United Nations.
27 May 2021

I hacked my friend’s website after a SIM swap attack

Here’s how easily your phone number could be stolen, why a successful SIM swap scam is only the beginning of your problems, and how you can avoid becoming a victim of the attack

The post I hacked my friend’s website after a SIM swap attack appeared first on WeLiveSecurity

27 May 2021

Enterprises Applying OS Patches Faster as Endpoint Risks Grow

New study shows sharp increase in number of endpoint devices with sensitive data on them.
26 May 2021

Google Discovers New Rowhammer Attack Technique

Researchers publish the details of a new Rowhammer vulnerability called "Half-Double" that exploits increasingly smaller DRAM chips.
26 May 2021

Zscaler Buys Deception Technology Startup

ZScaler's CEO says Smokescreen Technologies' capabilities will be integrated with Zscaler's ZIA and ZPA products.
26 May 2021

PDF Feature ‘Certified’ Widely Vulnerable to Attack

PDF Feature ‘Certified’ Widely Vulnerable to Attack Researchers found flaws most of the ‘popular’ PDF applications tested.
26 May 2021