Cybersecurity News
Cloudflare launches Page Shield to thwart Magecart card skimming attacks
Magecart attacks remain a prolific threat to the security of our financial data.25 March 2021
University students refunded for false ads touting job opportunities with Microsoft, Twitter
The FTC says students were impacted by the school’s “deceptive ads.”25 March 2021
Sierra Wireless Website Still Down After Ransomware Attack
The company believes the attack's impact is limited to its internal IT systems and corporate websites.24 March 2021
California State Controller's Office Suffers Data Breach
Employee unwittingly gave hacker access to email account for more than a day.24 March 2021
Ransomware Incidents Continue to Dominate Threat Landscape
Cisco Talos' IR engagements found attackers relied heavily on malware like Zloader and BazarLoader to distribute ransomware in the past three months.24 March 2021
Facebook Reports China-Linked Cyberattack Targeting Uyghurs
Facebook has removed accounts used to send malicious links to Uyghur people with the goal of infecting their devices.24 March 2021
ProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in Myanmar
CEO says Apple rejected a security update needed to protect human-rights abuse evidence.
24 March 2021
Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws
Thrive Themes has recently patched vulnerabilities in its WordPress plugins and legacy Themes - but attackers are targeting those who haven't yet applied security updates.
24 March 2021
Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts
The company was left to deal with three months’ worth of IT problems
The post Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts appeared first on WeLiveSecurity
24 March 2021
Ransomware Attack Foils IoT Giant Sierra Wireless
The ransomware attack has impacted the IoT manufacturer's production lines across multiple sites, and other internal operations.
24 March 2021
Microsoft Exchange Servers See ProxyLogon Patching Frenzy
Vast swathes of companies were likely compromised before patches were applied, so the danger remains.
24 March 2021
What a Federal Data Privacy Law Would Mean for Consumers
With an array of serious proposals from both sides of the political divide, it looks as though the US may finally have a national privacy law.24 March 2021
How to Protect Our Critical Infrastructure From Attack
Just how worried should we be about a cyber or physical attack on national infrastructure? Chris Price reports on how the pandemic, the growth of remote working, and IoT are putting assets at risk.24 March 2021
Purple Fox Malware Targets Windows Machines With New Worm Capabilities
A new infection vector from the established malware puts internet-facing Windows systems at risk from SMB password brute-forcing.
24 March 2021
Prioritizing Application & API Security After the COVID Cloud Rush
As companies hit the gas to accommodate the rapid shift to work-from-home, security fell behind. Now, it's time to close those gaps.24 March 2021
Hundreds of fleeceware apps earn dubious iOS, Android developers over $400 million
Free trials can cost mobile app users thousands of dollars in the long run.24 March 2021
SaltStack revises partial patch for command injection, privilege escalation vulnerability
The second fix was reportedly necessary after SaltStack did not participate in coordinated disclosure.24 March 2021
Purple Fox malware evolves to propagate across Windows machines
The malware’s new worm capabilities have resulted in a rapidly-increasing infection rate.24 March 2021
Microsoft: 92% of vulnerable exchange servers are now patched, mitigated
The latest telemetry suggests IT admins are taking the threat seriously.24 March 2021
Anti-Spoofing for Email Gains Adoption, but Enforcement Lags
More organizations adopt sender authentication, but strict quarantining or rejection of unauthenticated messages remains uncommon.23 March 2021