Cybersecurity News


Brian Krebs: No, I didn’t hack your Microsoft Exchange server

The KrebsOnSecurity name is, once again, being abused by cyberattackers.
29 March 2021

No, I Did Not Hack Your MS Exchange Server

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let's just get this out of the way right now: It wasn't me.
28 March 2021

SolarWinds Experimenting With New Software Build System in Wake of Breach

CISO of SolarWinds now has complete autonomy to stop product releases if security concerns exist, CEO says.
26 March 2021

40% of Apps Leaking Information

Apps in manufacturing most at risk, according to WhiteHat Security.
26 March 2021

Apple Patches iOS Zero-Day

Apple today released iOS 14.4.2 to address a security vulnerability that may have been actively exploited.
26 March 2021

Executive Order Would Strengthen Cybersecurity Requirements for Federal Agencies

Executive Order Would Strengthen Cybersecurity Requirements for Federal Agencies The post-SolarWinds EO could be issued as soon as next week, according to a report.
26 March 2021

Microsoft Shares Exchange Server Post-Compromise Attack Activity

Microsoft shares the details of post-exploitation attack activity, including multiple ransomware payloads and a cryptocurrency botnet.
26 March 2021

Employee Lockdown Stress May Spark Cybersecurity Risk

Employee Lockdown Stress May Spark Cybersecurity Risk Younger employees and caregivers report more stress than other groups-- and more shadow IT usage.
26 March 2021

A Day in the Life of a DevSecOps Manager

A Day in the Life of a DevSecOps Manager "Most days are good days," says Rally Health's Ari Kalfus. But they sure are busy, he tells The Edge.
26 March 2021

Data Bias in Machine Learning: Implications for Social Justice

Take historically biased data, then add AI and ML to compound and exacerbate the problem.
26 March 2021

Insurance Giant CNA Hit with Novel Ransomware Attack

Insurance Giant CNA Hit with Novel Ransomware Attack The incident, which forced the company to disconnect its systems, caused significant business disruption.
26 March 2021

Week in security with Tony Anscombe

Security and your right to repair – Scams offer fake COVID-19 vaccines and ask for Bitcoin – Jail time for a disgruntled IT contractor

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

26 March 2021

Moving from DevOps to CloudOps: The Four-Box Problem

With SOC teams running services on multiple cloud platforms, their big concern is how to roll up configuration of 200+ servers in a comprehensive way.
26 March 2021

Hades ransomware operators are hunting big game in the US

Companies with annual revenues of over $1 billion are being targeted.
26 March 2021

Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers

A decision on the order, which contains several recommendations, is still forthcoming.
25 March 2021

CISA Adds Two Web Shells to Exchange Server Guidance

Officials update mitigation steps to include two new Malware Analysis Reports identifying Web shells seen in Exchange Server attacks.
25 March 2021

Fleeceware Apps Bank $400M in Revenue

Fleeceware Apps Bank $400M in Revenue The cache of apps, found in Apple and Google's official marketplaces is largely targeted towards children, including several "slime simulators."
25 March 2021

Microsoft Offers Up To $30K For Teams Bugs

Microsoft Offers Up To $30K For Teams Bugs A bug-bounty program launched for the Teams desktop videoconferencing and collaboration application has big payouts for finding security holes.
25 March 2021

In Secure Silicon We Trust

In Secure Silicon We Trust Building upon a hardware root of trust is becoming a more achievable goal for the masses and the roots are digging deeper. Here's what you need to know.
25 March 2021

Nearly Half of Popular Android Apps Built With High-Risk Components

Information leakage and applications asking for too many permissions were also major issues, according to a survey of more than 3,300 popular mobile applications.
25 March 2021