Cybersecurity News
Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks
Our new eBook goes beyond the status quo to take a look at the evolution of ransomware and what to prepare for next.
Google’s Project Zero to wait longer before disclosing bug details
The 30-day grace period is designed to speed up the rollout and adoption of patches
The post Google’s Project Zero to wait longer before disclosing bug details appeared first on WeLiveSecurity
What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis
Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses climate change and the cyber-resilience lessons companies should take away from dealing with the pandemic.
SolarWinds: A Catalyst for Change & a Cry for Collaboration
Cybersecurity is more than technology or safeguards like zero trust; mostly, it's about collaboration.Peloton pushes back against ‘urgent’ warning against using Tread+ treadmill
The CPSC says the death of a child and dozens of injuries have been caused by the Peloton Tread+.Coding error allowed attackers to delete Facebook live video
The security issue earned the reporting researcher a substantial bug bounty.Don't Lose That Device
Did you know you are 100 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your devices with you, such as when leaving airport security, exiting your taxi or check out of your hotel.Poppy Gustafsson: the Darktrace tycoon in new cybersecurity era
Gustafsson’s firm, founded when she was 30, is marketed as a digital parallel of a human body fighting illness
Poppy Gustafsson runs a cutting-edge and gender-diverse cybersecurity firm on the brink of a £3bn stock market debut, but she is happy to reference pop culture classic the Terminator to help describe what Darktrace actually does.
Launched in Cambridge eight years ago by an unlikely alliance of mathematicians, former spies from GCHQ and the US and artificial intelligence (AI) experts, Darktrace provides protection, enabling businesses to stay one step ahead of increasingly smarter and dangerous hackers and viruses.
Related: Huge rise in hacking attacks on home workers during lockdown
Continue reading...Pandemic Drives Greater Need for Endpoint Security
Endpoint security has changed. Can your security plan keep up?BazarLoader Malware Abuses Slack, BaseCamp Clouds
Two cyberattack campaigns are making the rounds using unique social-engineering techniques.
High-Level Admin of FIN7 Cybercrime Group Sentenced to 10 Years in Prison
Fedir Hladyr pleaded guilty in 2019 to conspiracy to commit wire fraud and conspiracy to commit computer hacking.Security Gaps in IoT Access Control Threaten Devices and Users
Researchers spot problems in how IoT vendors delegate device access across multiple clouds and users.iOS Kids Game Morphs into Underground Crypto Casino
A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality.
NSA: 5 Security Bugs Under Active Nation-State Cyberattack
Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more.
Mandiant Front Lines: How to Tackle Exchange Exploits
Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections.
How the Biden Administration Can Make Digital Identity a Reality
A digital identity framework is the answer to the US government's cybersecurity dilemma.Week in security with Tony Anscombe
FBI cleans up compromised Exchange servers – Data of Clubhouse users scraped and posted online – WhatsApp bug alert
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy.Spring cleaning? Don’t forget about your digital footprint
Here are some quick and easy tips to help you clean up your cyber-clutter and keep your digital footprint tidy
The post Spring cleaning? Don’t forget about your digital footprint appeared first on WeLiveSecurity