Cybersecurity News
Minion privilege escalation exploit patched in SaltStack Salt project
The bug permitted attackers to perform privilege escalation attacks in the automation software.Businessman charged with intent to steal General Electric’s secret silicon technology
Trade secrets worth millions on the market were the goal of the conspiracy.Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process
Researchers found a number of privacy and security issues in Amazon's Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks.
Stalkerware Volumes Remain Concerningly High, Despite Bans
COVID-19 impacted volumes for the year, but the U.S. moved into third place on the list of countries most infected by stalkerware.
NSA Releases Guidance on Zero-Trust Architecture
A new document provides guidance for businesses planning to implement a zero-trust system management strategy.Lazarus Targets Defense Companies with ThreatNeedle Malware
A spear-phishing campaigned linked to a North Korean APT uses “NukeSped” malware in cyberespionage attacks against defense companies.
The Edge Pro Tip: Fasten Your Seatbelts
An unprecedented 2020 has shaken up security leaders' usual list of must-have technologies for 2021. Where do they plan to spend next?
Chrome will soon try HTTPS first when you type an incomplete URL
If users type an URL and they forget to add the HTTP or HTTPS prefix, Chrome will soon use HTTPS by default.Securing Super Bowl LV
A peek at open XDR technology, and defense that held up better than the Kansas City Chiefs.
Yeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ Release
Sneaker bots ready to scoop up the new Yeezy Boost 700 “Sun” shoes to resell at a huge markup.
Attackers Turn Struggling Software Projects Into Trojan Horses
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.Malware Gangs Partner Up in Double-Punch Security Threat
From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses.
Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid
The bomb threats escalated over the course of six weeks to include Black Lives Matter protests and threats on UK politicians.Week in security with Tony Anscombe
Privacy bug in Brave browser – Clubhouse audio streamed to external website – Protecting children from cyberbullying in COVID-19 era
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Oxford University COVID‑19 lab hacked
Neither clinical research into the coronavirus nor any patient data were affected by the incident
The post Oxford University COVID‑19 lab hacked appeared first on WeLiveSecurity
PCI DSS v4.0 Timeline Updated to Support an Additional RFC
Industry feedback is fundamental to the evolution of the PCI Data Security Standard (PCI DSS). Because of the broad impact PCI DSS has on the payment community, the Council is seeking additional feedback into the PCI DSS v4.0 validation documents. As a result of expanding stakeholder feedback opportunities to include these supporting documents, the Council is now targeting a Q4 2021 completion date for PCI DSS v4.0. The publication and availability of PCI DSS v4.0 is still being determined. The Council will communicate the targeted publication date in the coming months.
After a Year of Quantum Advances, the Time to Protect Is Now
Innovations in quantum computing mean enterprise and manufacturing organizations need to start planning now to defend against new types of cybersecurity threats.Safeguarding children against cyberbullying in the age of COVID‑19
As screen time has increased, so has the risk of cyberbullying. What you can do to help protect your children from online harassment?
The post Safeguarding children against cyberbullying in the age of COVID‑19 appeared first on WeLiveSecurity
Podcast: Ransomware Attacks Exploded in Q4 2020
Researchers said they saw a seven-times increase in ransomware activity in the fourth quarter of 2020, across various families – from Ryuk to Egregor.