Cybersecurity News
Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched
Close to a month on, internet-facing servers remain vulnerable to attack.15 June 2021
Microsoft Gets Second Shot at Banning hiQ from Scraping LinkedIn User Data
Decision throws out previous ruling in favor of hiQ Labs that prevented Microsoft’s business networking platform to forbid the company from harvesting public info from user profiles.
15 June 2021
Apple Hurries Patches for Safari Bugs Under Active Attack
Apple patched two bugs impacting its Safari browser WebKit engine that it said are actively being exploited.
15 June 2021
Pandemic prompts digital ‘boom’ in account creation - as well as password fatigue
Lockdown forced many of us online and this hasn't helped our security postures.15 June 2021
VPN Attacks Surged in First Quarter
But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown.14 June 2021
Cyber Analytics Database Exposed 5 Billion Records Online
In an ironic twist, Cognyte's data alerts customers to third-party data exposures.14 June 2021
Utilities ‘Concerningly’ at Risk from Active Exploits
Utilities’ vulnerability to application exploits goes from bad to worse in just weeks.
14 June 2021
Microsoft Teams: Very Bad Tabs Could Have Led to BEC
Attackers could have used the bug to get read/write privileges for a victim user’s email, Teams chats, OneDrive, Sharepoint and loads of other services.
14 June 2021
Google Workspace Adds Client-Side Encryption
Users given control over encryption keys, Google says.14 June 2021
New Top 20 Secure-Coding List Positions PLCs as Plant 'Bodyguards'
Best practices guide encompasses integrity, hardening, resilience, and monitoring of PLCs in industrial networks.
14 June 2021
Moobot Milks Tenda Router Bugs for Propagation
An analysis of the campaign revealed Cyberium, an active Mirai-variant malware hosting site.
14 June 2021
Volkswagen Vendor Exposed Data of 3.3m Drivers
Nearly all of the leaked data was for owners or wannabe owners of the automaker’s luxury brand of Audis, now at greater risk for phishing, ransomware or car theft.
14 June 2021
Know Thy Enemy: Fighting Half-Blind Against Ransomware Won't Work
We lack reliable, representative, actionable data about ransomware's actual scope, scale, and impact. The Ransom Incident Response Network could change that.14 June 2021
Name That Toon: Sight Unseen
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
14 June 2021
Colonial Pipeline Cyberattack Proves a Single Password Isn't Enough
Since the attack, it's been revealed that it was down to a single password. Yes, ransomware needs to be on your radar -- but a focus on credentials is vital.14 June 2021
Dentist charged by SEC for digital token project fraud, pump-and-dump AI stock scheme
The “adviser” was allegedly responsible for three securities frauds.14 June 2021
Volkswagen, Audi disclose data breach impacting over 3.3 million customers, interested buyers
An unsecured treasure trove of data used for sales was exposed online.14 June 2021
Vishing: What is it and how do I avoid getting scammed?
How do vishing scams work, how do they impact businesses and individuals, and how can you protect yourself, your family and your business?
The post Vishing: What is it and how do I avoid getting scammed? appeared first on WeLiveSecurity
14 June 2021
Codecov to retire the Bash script responsible for supply chain attack wave
A new uploader, shipped as a NodeJS executable, has been introduced in its place.14 June 2021
Ransomware
Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransom if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.14 June 2021