Cybersecurity News
Data on 1.4 Million Washington State Residents Breached
Unemployment data exposed via third-party software attack.01 February 2021
Wind River Security Incident Affects SSNs, Passport Numbers
Wind River Systems is warning of a 'security incident' after one or more files was downloaded from its network.
01 February 2021
Hezbollah-Linked Lebanese Cedar APT Infiltrates Hundreds of Servers
Enhanced Explosive RAT and Caterpillar tools are at the forefront of a global espionage campaign.
01 February 2021
SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat
Congress is demanding the National Security Agency come clean on what it knows about the 2015 supply-chain attack against Juniper Networks.
01 February 2021
Increase in Physical Security Incidents Adds to IT Security Pressures
A new study shows that many organizations have changed their physical security strategies to address new concerns since the COVID-19 outbreak.01 February 2021
Edge Poll: Hook, Line, and Sinker
How confident are you in your security team's ability to protect your organization from phishing?01 February 2021
Name That Edge Toon: Be Careful Who You Trust
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
01 February 2021
US Needs Comprehensive Policy to Combat China on IP Theft
The United States cannot lose sight of Chinese cyber operations that target intellectual property, a panel of experts says.01 February 2021
New Trickbot module uses Masscan for local network reconnaissance
The new Trickbot module is used to scan local networks for other nearby systems with open ports that could be hacked for quick lateral movement inside a company.01 February 2021
Critical Libgcrypt Crypto Bug Opens Machines to Arbitrary Code
The flaw in the free-source library could have been ported to multiple applications.
01 February 2021
Alleged Gaming Software Supply-Chain Attack Installs Spyware
Researchers allege that software used for downloading Android apps onto PCs and Macs has been compromised to install malware onto victim devices.
01 February 2021
Rapid7 Acquires Alcide, Strengthens Focus on Cloud
Its $50 million purchase of Alcide, a Kubernetes security provider, follows its 2020 acquisition of cloud security vendor DivvyCloud.01 February 2021
U.K. Arrest in ‘SMS Bandits’ Phishing Service
Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. The service, marketed in the underground under the name "SMS Bandits," has been responsible for blasting out huge volumes of phishing lures spoofing everything from COVID-19 pandemic relief efforts to PayPal, telecommunications providers and tax revenue agencies.01 February 2021
Strengthening Zero-Trust Architecture
Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries.01 February 2021
6 Cybersecurity Start-Up Trends to Track
The pandemic took a bite out of funding deals, but cybersecurity start-ups fared better than many other industries.
01 February 2021
Operation NightScout: Supply‑chain attack targets online gaming in Asia
ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia
The post Operation NightScout: Supply‑chain attack targets online gaming in Asia appeared first on WeLiveSecurity
01 February 2021
Hacker group inserted malware in NoxPlayer Android emulator
Attackers targeted only a handful of victims. Only five detected until now, in countries such as Taiwan, Hong Kong, and Sri Lanka.01 February 2021
Libgcrypt developers release urgent update to tackle severe vulnerability
A severe heap buffer issue was found by Google Project Zero’s Tavis Ormandy.01 February 2021
UK Research and Innovation suffers ransomware attack
The agency has suspended some services while an investigation takes place.01 February 2021
SonicWall zero-day exploited in the wild
Security firm NCC Group said it detected "indiscriminate" exploitation of a mysterious SonicWall zero-day.01 February 2021