Cybersecurity News


SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat

SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat Congress is demanding the National Security Agency come clean on what it knows about the 2015 supply-chain attack against Juniper Networks.
01 February 2021

Increase in Physical Security Incidents Adds to IT Security Pressures

A new study shows that many organizations have changed their physical security strategies to address new concerns since the COVID-19 outbreak.
01 February 2021

Edge Poll: Hook, Line, and Sinker

How confident are you in your security team's ability to protect your organization from phishing?
01 February 2021

Name That Edge Toon: Be Careful Who You Trust

Name That Edge Toon: Be Careful Who You Trust Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
01 February 2021

US Needs Comprehensive Policy to Combat China on IP Theft

The United States cannot lose sight of Chinese cyber operations that target intellectual property, a panel of experts says.
01 February 2021

New Trickbot module uses Masscan for local network reconnaissance

The new Trickbot module is used to scan local networks for other nearby systems with open ports that could be hacked for quick lateral movement inside a company.
01 February 2021

Critical Libgcrypt Crypto Bug Opens Machines to Arbitrary Code

Critical Libgcrypt Crypto Bug Opens Machines to Arbitrary Code The flaw in the free-source library could have been ported to multiple applications.
01 February 2021

Alleged Gaming Software Supply-Chain Attack Installs Spyware

Alleged Gaming Software Supply-Chain Attack Installs Spyware Researchers allege that software used for downloading Android apps onto PCs and Macs has been compromised to install malware onto victim devices.
01 February 2021

Rapid7 Acquires Alcide, Strengthens Focus on Cloud

Its $50 million purchase of Alcide, a Kubernetes security provider, follows its 2020 acquisition of cloud security vendor DivvyCloud.
01 February 2021

U.K. Arrest in ‘SMS Bandits’ Phishing Service

Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. The service, marketed in the underground under the name "SMS Bandits," has been responsible for blasting out huge volumes of phishing lures spoofing everything from COVID-19 pandemic relief efforts to PayPal, telecommunications providers and tax revenue agencies.
01 February 2021

Strengthening Zero-Trust Architecture

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries.
01 February 2021

6 Cybersecurity Start-Up Trends to Track

6 Cybersecurity Start-Up Trends to Track The pandemic took a bite out of funding deals, but cybersecurity start-ups fared better than many other industries.
01 February 2021

Operation NightScout: Supply‑chain attack targets online gaming in Asia

ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia

The post Operation NightScout: Supply‑chain attack targets online gaming in Asia appeared first on WeLiveSecurity

01 February 2021

Hacker group inserted malware in NoxPlayer Android emulator

Attackers targeted only a handful of victims. Only five detected until now, in countries such as Taiwan, Hong Kong, and Sri Lanka.
01 February 2021

Libgcrypt developers release urgent update to tackle severe vulnerability

A severe heap buffer issue was found by Google Project Zero’s Tavis Ormandy.
01 February 2021

UK Research and Innovation suffers ransomware attack

The agency has suspended some services while an investigation takes place.
01 February 2021

SonicWall zero-day exploited in the wild

Security firm NCC Group said it detected "indiscriminate" exploitation of a mysterious SonicWall zero-day.
01 February 2021

FonixCrypter ransomware gang releases master decryption key

FonixCrypter gang claimed it shut down and deleted their ransomware's source code.
29 January 2021

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites The flaw could have let attackers send out custom newsletters and delete newsletter subscribers from 200,000 affected websites.
29 January 2021

Microsoft 365 Becomes Haven for BEC Innovation

Microsoft 365 Becomes Haven for BEC Innovation Two new phishing tactics use the platform's automated responses to evade email filters.
29 January 2021