Cybersecurity News
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
The Cyber Kill Chain and MITRE ATT&CK are popular reference frameworks to analyze breaches, but amid the rise of XDR, we may need a new one.
30 March 2021
In the Rush to Embrace Hybrid Cloud, Don't Forget About Security
Cloud service providers typically only secure the infrastructure itself, while customers are responsible for their data and application security.30 March 2021
Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website
A class-action suit in Florida accuses the tech giant of unlawfully intercepting communications by using session-replay software to capture the interaction of people visiting the corporate homepage Intel.com.
30 March 2021
Department of Homeland Security email accounts exposed in SolarWinds hack
Reports suggest Russian threat groups accessed DHS emails during the SolarWinds fiasco.30 March 2021
Panasonic, McAfee team up to tackle vehicle cybersecurity
Early response tech for physical attacks and cyber intrusions is on the list for development.30 March 2021
Ransomware group targets Universities of Maryland, California in new data leaks
This follows similar extortion attempts impacting two other US universities this month.30 March 2021
Manufacturing Firms Learn Cybersecurity the Hard Way
Although 61% of smart factories have experienced a cybersecurity incident, IT groups and operational technology groups still don't collaborate enough on security.29 March 2021
Pair of Apex Legends Players Banned for DDoS Server Attacks
Predator-ranked players on Xbox console game version rigged matches with DDoS attacks.
29 March 2021
Attackers Target PHP Git Server to Backdoor Source Code
The PHP maintainers have decided to make GitHub the official source for PHP repositories going forward.29 March 2021
SolarWinds Hackers Accessed DHS Chief's Email
Several high-level government accounts were also breached in the attack.29 March 2021
Hades Ransomware Gang Exhibits Connections to Hafnium
There could be more than immediately meets the eye with this targeted attack group.
29 March 2021
PHP Infiltrated with Backdoor Malware
The server for the web-application scripting language was compromised on Sunday.
29 March 2021
Apple rushes to patch zero‑day flaw in iOS, iPadOS
The bug is under active exploitation by unknown attackers and affects a wide range of devices, including iPhones, iPads and Apple Watches
The post Apple rushes to patch zero‑day flaw in iOS, iPadOS appeared first on WeLiveSecurity
29 March 2021
4 Open Source Tools to Add to Your Security Arsenal
Open source solutions can offer an accessible and powerful way to enhance your security-testing capabilities.
29 March 2021
Official PHP Git server targeted in attempt to bury malware in code base
The cyberattack has prompted a rapid and permanent move to GitHub.29 March 2021
CISA Builds Out Defensive Tools for Security Teams
Need a tool to hunt for attacks in your network? The DHS agency bolsters the offerings in its open source toolbox.29 March 2021
US charges close to 500 individuals for COVID-19 fraud, criminal activity
Everything from PPE fraud, disaster loan schemes, and unemployment scams are on the books.29 March 2021
This Android malware hides as a System Update app to spy on you
The spyware triggers when certain actions are performed, such as new adding a contact.29 March 2021
Brian Krebs: No, I didn’t hack your Microsoft Exchange server
The KrebsOnSecurity name is, once again, being abused by cyberattackers.29 March 2021
No, I Did Not Hack Your MS Exchange Server
New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let's just get this out of the way right now: It wasn't me.28 March 2021