Cybersecurity News


Attackers Test Weak Passwords in Purple Fox Malware Attacks

Researchers share a list of passwords that Purple Fox attackers commonly brute force when targeting the SMB protocol.
19 April 2021

Lazarus Group Uses New Tactic to Evade Detection

Attackers conceal malicious code within a BMP file to slip past security tools designed to detect embedded objects within images.
19 April 2021

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks.
19 April 2021

Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks

Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks Our new eBook goes beyond the status quo to take a look at the evolution of ransomware and what to prepare for next.
19 April 2021

Google’s Project Zero to wait longer before disclosing bug details

The 30-day grace period is designed to speed up the rollout and adoption of patches

The post Google’s Project Zero to wait longer before disclosing bug details appeared first on WeLiveSecurity

19 April 2021

What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis

What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses climate change and the cyber-resilience lessons companies should take away from dealing with the pandemic.
19 April 2021

SolarWinds: A Catalyst for Change & a Cry for Collaboration

Cybersecurity is more than technology or safeguards like zero trust; mostly, it's about collaboration.
19 April 2021

Peloton pushes back against ‘urgent’ warning against using Tread+ treadmill

The CPSC says the death of a child and dozens of injuries have been caused by the Peloton Tread+.
19 April 2021

Coding error allowed attackers to delete Facebook live video

The security issue earned the reporting researcher a substantial bug bounty.
19 April 2021

Don't Lose That Device

Did you know you are 100 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your devices with you, such as when leaving airport security, exiting your taxi or check out of your hotel.
19 April 2021

Poppy Gustafsson: the Darktrace tycoon in new cybersecurity era

Poppy Gustafsson: the Darktrace tycoon in new cybersecurity era

Gustafsson’s firm, founded when she was 30, is marketed as a digital parallel of a human body fighting illness

Poppy Gustafsson runs a cutting-edge and gender-diverse cybersecurity firm on the brink of a £3bn stock market debut, but she is happy to reference pop culture classic the Terminator to help describe what Darktrace actually does.

Launched in Cambridge eight years ago by an unlikely alliance of mathematicians, former spies from GCHQ and the US and artificial intelligence (AI) experts, Darktrace provides protection, enabling businesses to stay one step ahead of increasingly smarter and dangerous hackers and viruses.

Related: Huge rise in hacking attacks on home workers during lockdown

Continue reading...
17 April 2021

Pandemic Drives Greater Need for Endpoint Security

Endpoint security has changed. Can your security plan keep up?
16 April 2021

BazarLoader Malware Abuses Slack, BaseCamp Clouds

BazarLoader Malware Abuses Slack, BaseCamp Clouds Two cyberattack campaigns are making the rounds using unique social-engineering techniques.
16 April 2021

High-Level Admin of FIN7 Cybercrime Group Sentenced to 10 Years in Prison

Fedir Hladyr pleaded guilty in 2019 to conspiracy to commit wire fraud and conspiracy to commit computer hacking.
16 April 2021

Security Gaps in IoT Access Control Threaten Devices and Users

Researchers spot problems in how IoT vendors delegate device access across multiple clouds and users.
16 April 2021

iOS Kids Game Morphs into Underground Crypto Casino

iOS Kids Game Morphs into Underground Crypto Casino A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality.
16 April 2021

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

NSA: 5 Security Bugs Under Active Nation-State Cyberattack Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more.
16 April 2021

Mandiant Front Lines: How to Tackle Exchange Exploits

Mandiant Front Lines: How to Tackle Exchange Exploits Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections.
16 April 2021

How the Biden Administration Can Make Digital Identity a Reality

A digital identity framework is the answer to the US government's cybersecurity dilemma.
16 April 2021

Week in security with Tony Anscombe

FBI cleans up compromised Exchange servers – Data of Clubhouse users scraped and posted online – WhatsApp bug alert

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

16 April 2021