Cybersecurity News
Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline
Hundreds of servers and 1 million Emotet infections have been dismantled globally, while tales have emerged on Twitter that NetWalker's Dark Web leaks site is offline.
27 January 2021
4 Clues to Spot a Bot Network
Protect against misinformation and disinformation campaigns by learning how to identify the bot networks spreading falsehoods.27 January 2021
Many Cybersecurity Job Candidates Are Subpar, While On-the-Job Training Falls Short
With demand for skilled cybersecurity workers so high, is it really surprising that most companies are seeing fewer qualified applicants?27 January 2021
PCI SSC Announces 2021 Special Interest Group Election Results
Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Council has confirmed the winning SIG topic for 2021. The Council’s Participating Organizations voted to select “Best Practices for Container Orchestration” as the focus for the year ahead. The goal of the SIG is to provide guidance for companies on how to enhance security when using container orchestration tools. This guidance will include an overview of container orchestration tools as well as a breakdown of payment industry considerations for critical components of typical system implementations.
27 January 2021
Apple Patches Three iOS Zero-Day Vulnerabilities
New iOS 14.4 update available for iPhones and iPads.27 January 2021
Security's Inevitable Shift to the Edge
As the edge becomes the place for DDoS mitigation, Web app security, and other controls, SASE is the management platform to handle them all.27 January 2021
International Action Targets Emotet Crimeware
Authorities across Europe on Tuesday said they'd seized control over Emotet, a prolific malware strain and cybercrime-as-service operation. Investigators say the action could help quarantine more than a million Microsoft Windows systems currently compromised with malware tied to Emotet infections.27 January 2021
National Crime Agency warns novice and veteran traders alike of rise in clone company scams
The NCA says these schemes have already led to the theft of over £78 million.27 January 2021
Apple Patches Three Actively Exploited Zero-Days, Part of iOS Emergency Update
An anonymous researcher identified bugs in the software’s kernel and WebKit browser engine that are likely part of an exploit chain.
27 January 2021
LogoKit Group Aims for Simple Yet Effective Phishing
A phishing kit that uses embedded JavaScript targeted the users of more than 300 sites in the past week, aiming to grab credentials for SharePoint, Adobe Document Cloud, and OneDrive.27 January 2021
Fake ICO consultant sentenced for embezzling cryptocurrency now worth $20 million
The US resident pretended to be an expert on investing in cryptocurrencies.27 January 2021
UK association defends ransomware payments in cyber insurance policies
The group has been criticized for “funding” organized crime.27 January 2021
10-years-old Sudo bug lets Linux users gain root-level access
The vulnerability, named "Baron Samedit," impacts most Linux distributions today.26 January 2021
Ransomware Disrupts Operations at Packaging Giant WestRock
Incident is another reminder of how vulnerable OT environments are to attack, security experts say.26 January 2021
Pay-Or-Get-Breached Ransomware Schemes Take Off
In 2020, ransomware attackers moved quickly to adopt so-called "double extortion" schemes, with more than 550 incidents in the fourth quarter alone.26 January 2021
North Korean Attackers Target Security Researchers via Social Media: Google
Google TAG warns the infosec community of unsolicited requests from individuals seeking collaboration on vulnerability research.26 January 2021
Nvidia Squashes High-Severity Jetson DoS Flaw
If exploited, the most serious of these flaws could lead to a denial-of-service condition for Jetson products.
26 January 2021
DanaBot Malware Roars Back into Relevancy
Sophisticated and dangerous, DanaBot has resurfaced after laying dormant for seven months.
26 January 2021
Privacy Teams Helped Navigate the Pivot to Work-from-Home
Annual Cisco privacy study also reports that 90% of organizations say their customers won't buy from them if they are not clear about data policy practices.26 January 2021
Apple fixes another three iOS zero-days exploited in the wild
Fixes come after Apple patched another set of three zero-days last November.26 January 2021