Cybersecurity News
Week in security with Tony Anscombe
FBI cleans up compromised Exchange servers – Data of Clubhouse users scraped and posted online – WhatsApp bug alert
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
16 April 2021
Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period

16 April 2021
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy.16 April 2021
Spring cleaning? Don’t forget about your digital footprint
Here are some quick and easy tips to help you clean up your cyber-clutter and keep your digital footprint tidy
The post Spring cleaning? Don’t forget about your digital footprint appeared first on WeLiveSecurity
16 April 2021
Digital Inheritance
What happens to our digital presence when we die or become incapacitated? Many of us have or know we should have a will and checklists of what loved ones need to know in the event of our passing. But what about all of our digital data and online accounts? Consider creating some type of digital will, often called a "Digital Inheritance" plan.16 April 2021
Software Developer Arrested in Computer Sabotage Case
Officials say Davis Lu placed malicious code on servers in a denial-of-service attack on his employer.15 April 2021
Google Brings 37 Security Fixes to Chrome 90
The latest version of Google Chrome also introduces HTTPS as the browser's default protocol.15 April 2021
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Treasury Department slaps sanctions on IT security firms that it says supported Russia's Foreign Intelligence Service carry out the attacks.15 April 2021
Pandemic Pushes Bot Operators to Redirect Efforts
As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites.15 April 2021
Biden Races to Shore Up Power Grid Against Hacks

15 April 2021
6 Tips for Managing Operational Risk in a Downturn
Many organizations adjust their risk appetite in an economic downturn, as risk is expanded to include supplier and customer insolvency, not to mention cash-flow changes.15 April 2021
Gafgyt Botnet Lifts DDoS Tricks from Mirai

15 April 2021
How to Create an Incident Response Plan From the Ground, Up

15 April 2021
One in six people use pet’s name as password
Other common and easily hackable password choices include the names of relatives and sports teams, a UK study reveals
The post One in six people use pet’s name as password appeared first on WeLiveSecurity
15 April 2021
Nation-State Attacks Force a New Paradigm: Patching as Incident Response
IT no longer has the luxury of thoroughly testing critical vulnerability patches before rolling them out.15 April 2021
Malicious PowerShell Use, Attacks on Office 365 Accounts Surged in Q4
There was also a sharp increase in overall malware volumes in the fourth quarter of 2020, COVID-19 related attack activity, and mobile malware, new data shows.15 April 2021
Attackers Target ProxyLogon Exploit to Install Cryptojacker

15 April 2021
Secure Your Home Wi-Fi Network
Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.15 April 2021
Thycotic & Centrify Merge to Form Cloud Identity Security Firm
The combined entity will expand on both companies' privileged access management tools and expects to debut a new brand this year.14 April 2021
Security Bug Allows Attackers to Brick Kubernetes Clusters

14 April 2021