Cybersecurity News
White House Scales Back Response to SolarWinds & Exchange Server Attacks
Lessons learned from the Unified Coordination Groups will be used to inform future response efforts, a government official says.Attackers Test Weak Passwords in Purple Fox Malware Attacks
Researchers share a list of passwords that Purple Fox attackers commonly brute force when targeting the SMB protocol.Lazarus Group Uses New Tactic to Evade Detection
Attackers conceal malicious code within a BMP file to slip past security tools designed to detect embedded objects within images.NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks

Google’s Project Zero to wait longer before disclosing bug details
The 30-day grace period is designed to speed up the rollout and adoption of patches
The post Google’s Project Zero to wait longer before disclosing bug details appeared first on WeLiveSecurity
What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis

SolarWinds: A Catalyst for Change & a Cry for Collaboration
Cybersecurity is more than technology or safeguards like zero trust; mostly, it's about collaboration.Peloton pushes back against ‘urgent’ warning against using Tread+ treadmill
The CPSC says the death of a child and dozens of injuries have been caused by the Peloton Tread+.Coding error allowed attackers to delete Facebook live video
The security issue earned the reporting researcher a substantial bug bounty.Don't Lose That Device
Did you know you are 100 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your devices with you, such as when leaving airport security, exiting your taxi or check out of your hotel.Poppy Gustafsson: the Darktrace tycoon in new cybersecurity era

Gustafsson’s firm, founded when she was 30, is marketed as a digital parallel of a human body fighting illness
Poppy Gustafsson runs a cutting-edge and gender-diverse cybersecurity firm on the brink of a £3bn stock market debut, but she is happy to reference pop culture classic the Terminator to help describe what Darktrace actually does.
Launched in Cambridge eight years ago by an unlikely alliance of mathematicians, former spies from GCHQ and the US and artificial intelligence (AI) experts, Darktrace provides protection, enabling businesses to stay one step ahead of increasingly smarter and dangerous hackers and viruses.
Related: Huge rise in hacking attacks on home workers during lockdown
Continue reading...Pandemic Drives Greater Need for Endpoint Security
Endpoint security has changed. Can your security plan keep up?BazarLoader Malware Abuses Slack, BaseCamp Clouds

High-Level Admin of FIN7 Cybercrime Group Sentenced to 10 Years in Prison
Fedir Hladyr pleaded guilty in 2019 to conspiracy to commit wire fraud and conspiracy to commit computer hacking.Security Gaps in IoT Access Control Threaten Devices and Users
Researchers spot problems in how IoT vendors delegate device access across multiple clouds and users.iOS Kids Game Morphs into Underground Crypto Casino

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

Mandiant Front Lines: How to Tackle Exchange Exploits
