Cybersecurity News


Three million users installed 28 malicious Chrome or Edge extensions

Extensions could redirect users to ads, phishing sites, collect user data, or download malware on infected systems.
16 December 2020

FireEye Identifies Killswitch for SolarWinds Malware as Victims Scramble to Respond

White House National Security Council establishes unified group to coordinate response across federal agencies to the threat.
16 December 2020

Attackers Leverage IMAP to Infiltrate Email Accounts

Researchers believe cybercriminals are using a tool dubbed Email Appender to directly connect with compromised email accounts via IMAP.
16 December 2020

FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay

FBI says ransomware group has been calling victims, threatening to send individuals to their homes if they don't pay the ransom.
16 December 2020

New IRS Form Fraud Campaign Targets G Suite Users

At least 50,000 executives have been affected so far.
16 December 2020

US-CERT Reports 17,447 Vulnerabilities Recorded in 2020

This marks the fourth year in a row that a record number of vulnerabilities has been discovered, following 17,306 in 2019.
16 December 2020

Corporate Credentials for Sale on the Dark Web: How to Protect Employees and Data

It's past time to retire passwords in favor of other methods for authenticating users and securing systems.
16 December 2020

Why the Weakest Links Matter

The recent FireEye and SolarWinds compromises reinforce the fact that risks should be understood, controls should be in place, and care should be taken at every opportunity.
16 December 2020

Senior Managers Twice as Likely to Share Work Devices With Outsiders

Senior Managers Twice as Likely to Share Work Devices With Outsiders New survey finds top C-suite managers are much shakier on security than their junior counterparts.
16 December 2020

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a "killswitch" designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.
16 December 2020

Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor

Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor In the past few months researchers have detected hundreds of attempted SystemBC deployments globally, as part of recent Ryuk and Egregor ransomware attacks.
16 December 2020

Outing of FSB hit squad highlights Russia's data security problem

Outing of FSB hit squad highlights Russia's data security problem

Analysis: trade in stolen data is a boon for investigators and a headache for Kremlin

In early 2019, the journalist Andrei Zakharov managed to buy his own phone and banking records in a groundbreaking investigation into Russia’s thriving markets in stolen personal data, in which law enforcement and telecoms employees can be contracted anonymously to dip into their systems and pull out sensitive details on anyone.

A year and a half later, investigators from Bellingcat and the Insider used some of the same tools and clever analysis to out a secret FSB team that had been tasked with killing Alexei Navalny using a novichok nerve agent.

Related: Russian FSB hit squad poisoned Alexei Navalny, report says

Related: 'We got really lucky': how novichok suspects' identities were revealed

Continue reading...
16 December 2020

The SolarWinds Perfect Storm: Default Password, Access Sales and More

The SolarWinds Perfect Storm: Default Password, Access Sales and More Meanwhile, Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack.
16 December 2020

Patching Still Poses Problems for Industrial Controllers, Networking Devices

More than 90% of devices that run the popular VxWorks embedded operating system remain vulnerable to critical flaws disclosed more than a year ago.
16 December 2020

Sextortionist Campaign Targets iOS, Android Users with New Spyware

Sextortionist Campaign Targets iOS, Android Users with New Spyware Goontact lures users of illicit sites through Telegram and other secure messaging apps and steals their information for future fraudulent use.
16 December 2020

Why Secure Email Gateways Rewrite Links (and Why They Shouldn't)

Why Secure Email Gateways Rewrite Links (and Why They Shouldn't) Redirecting a user to a trusted server buys a secure email gateway company some time while it decides whether a URL is malicious -- but there are avoidable drawbacks to this approach.
16 December 2020

SSO and MFA Are Only Half Your Identity Governance Strategy

We need better ways to manage user identities for accessing applications, especially given the strain it places on overworked IT and security teams.
16 December 2020

FICO launches cryptocurrency trade risk solution for banks

The software will bring crypto risk assessment to KYC processes.
16 December 2020

Cybersecurity Advent calendar: Stay close to one another… Safely!

This year, many of us will be celebrating Christmas with our loved ones virtually, however we shouldn’t underestimate the value of securing our online communication.

The post Cybersecurity Advent calendar: Stay close to one another… Safely! appeared first on WeLiveSecurity

16 December 2020

New Goontact spyware discovered targeting Android and iOS users

Most Goontact-laced apps are targeting Asian users in Chinese speaking countries, Korea, and Japan.
16 December 2020