Cybersecurity News
From PowerShell to Payload: An Analysis of Weaponized Malware
John Hammond, security researcher with Huntress, takes a deep-dive into a malware's technical and coding aspects.
02 April 2021
US Tech Dominance Rides on Securing Intellectual Property
A recent, mostly overlooked pardon points to a big problem in the US tech industry: Intellectual property offers a lucrative golden ticket for insiders.02 April 2021
Robinhood Warns Customers of Tax-Season Phishing Scams
Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files.
02 April 2021
Week in security with Tony Anscombe
PHP source code briefly backdoored – Prevent data loss before it's too late – The perils of owning a smart dishwasher
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
02 April 2021
Enterprises Remain Riddled With Overprivileged Users -- and Attackers Know It
Attackers commonly focus on finding users with too much privileged access as their ticket to network compromise. What can companies do?01 April 2021
80% of Global Enterprises Report Firmware Cyberattacks
A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags.
01 April 2021
New KrebsOnSecurity Mobile-Friendly Site
Dear Readers, this has been long overdue, but at last I give you a more responsive, mobile-friendly version of KrebsOnSecurity. We tried to keep the visual changes to a minimum and focus on a simple theme that presents information in a straightforward, easy-to-read format. Please bear with us over the next few days as we hunt down the gremlins in the gears.01 April 2021
7 Security Strategies as Employees Return to the Office
More sooner than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.
01 April 2021
Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack
Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities.
01 April 2021
Kansas Man Indicted for Hacking, Tampering With Water Utility System
Attacker disabled water-purification operation systems "with intention of harming" the rural water district.01 April 2021
NIST Publishes Guide for Securing Hotel Property Management Systems
These sensitive systems store guests' personal data and payment-card information.01 April 2021
Ragnarok Ransomware Hits Boggi Milano Menswear
The ransomware gang exfiltrated 40 gigabytes of data from the fashion house, including HR and salary details.
01 April 2021
Solving the Leadership Buy-In Impasse With Data
Justify your requirements with real numbers to get support for security investments.01 April 2021
Building a Fortress: 3 Key Strategies for Optimized IT Security
Chris Hass, director of information security and research at Automox, discusses how to shore up cybersecurity defenses and what to prioritize.
01 April 2021
How to Build a Resilient IoT Framework
For all of their benefits, IoT devices weren't built with security in mind -- and that can pose huge challenges.
01 April 2021
Google: North Korean APT Gearing Up to Target Security Researchers Again
Cyberattackers have set up a website for a fake company called SecuriElite, as well as associated Twitter and LinkedIn accounts.
01 April 2021
The Role of Visibility in Securing Cloud Applications
Traditional data center approaches aren't built for securing modern cloud applications.
01 April 2021
Is your dishwasher trying to kill you?
Does every device in your home really need to be connected to the internet? And could it be turned against you?
The post Is your dishwasher trying to kill you? appeared first on WeLiveSecurity
01 April 2021
DeepDotWeb dark web admin pleads guilty to gun, drug purchase kickbacks
Over $8 million was earned through affiliate marketing for illegal marketplaces.01 April 2021
Google: North Korean hackers are targeting researchers through fake offensive security firm
Google TAG warns of the group using zero-day exploits after reaching out to targets on social media.01 April 2021