Cybersecurity News


Security in a Complex World

Innovation and complexity can co-exist; the key is to use innovation to make ever-expanding complexity comprehensible and its effects predictable.
03 February 2021

Microsoft Defender ATP is detecting yesterday's Chrome update as a backdoor

Microsoft commercial antivirus product is labeling Chrome's latest update as being infected with the Funvalget backdoor.
03 February 2021

Concerns Over API Security Grow as Attacks Increase

Some 66% of organizations say they have slowed deploying an app into production because of API security concerns.
03 February 2021

SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover

SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover The by-now infamous company has issued patches for three security vulnerabilities in total.
03 February 2021

Mozilla expected to launch its VPN service in Germany and France in Q1 2021

Mozilla VPN is currently available in the US, the UK, Canada, New Zealand, Singapore, and Malaysia only.
03 February 2021

Recent root-giving Sudo bug also impacts macOS

A bug in the Sudo app can let attackers with access to a local system to elevate their access to a root-level account.
02 February 2021

FTC: ID Theft Doubled in 2020

The Federal Trade Commission said a surge in reports of identity theft occurred amid the COVID-19 pandemic.
02 February 2021

Agent Tesla Upgrades with New Delivery & Evasion Tactics

A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.
02 February 2021

TrickBot Continues Resurgence with Port-Scanning Module

TrickBot Continues Resurgence with Port-Scanning Module The infamous malware has incorporated the legitimate Masscan tool, which looks for open TCP/IP ports with lightning-fast results.
02 February 2021

Average Ransom Payments Declined Last Quarter

More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.
02 February 2021

Average Ransom Payments Declined Last Quarter

More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.
02 February 2021

Crypto Crook Hired Steven Seagal to Promote Scam, Now Faces Charges

Crypto Crook Hired Steven Seagal to Promote Scam, Now Faces Charges Feds charged California-based private detective for stealing $11M from investors, with help from actor Steven Seagal.
02 February 2021

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

ValidCC, a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. The proprietors of the popular store said their servers were seized as part of a coordinated law enforcement operation designed to disconnect and confiscate its infrastructure.
02 February 2021

RF Enables Takeover of Hostile Drones

Tempting as it may be to blast drones out of the sky, a less aggressive approach may yield better data about attackers - and keep bystanders safe.
02 February 2021

Tiny Kobalos Malware Bedevils Supercomputers to Steal Logins

Tiny Kobalos Malware Bedevils Supercomputers to Steal Logins The sophisticated backdoor steals SSH credentials for servers in academic and scientific high-performance computing clusters.
02 February 2021

Magento Web Skimmers Piggyback in Ongoing Costway Website Compromise

Magento Web Skimmers Piggyback in Ongoing Costway Website Compromise An e-commerce credit-card skimmer is being used by a second skimmer to steal payment data - and both are on Costway's website.
02 February 2021

Attackers Continue to Nibble at Apple's iOS Security

For the second time in less than three months, Apple has patched vulnerabilities in the software for iPhone and iPad, warning that the issues are already being targeted by attackers.
02 February 2021

SonicWall Confirms Zero-Day Vulnerability

The confirmation arrives as researchers with NCC Group detect a SonicWall zero-day flaw under active attack.
02 February 2021

Google funds project to secure Apache web server project with new Rust component

Funded by Google and led by the Internet Security Research Group, Apache's web server is set to receive a new Rust-based mod_ssl module.
02 February 2021

Ransomware gangs made at least $350 million in 2020

The figure represents a 311% increase over ransomware payments recorded the previous your, in 2019.
02 February 2021