Cybersecurity News
COVID pandemic causes spike in cyberattacks against hospitals, medical companies
IBM says attack rates have doubled against medical entities since the pandemic began.SolarWinds Attackers Lurked for 'Several Months' in FireEye's Network
Top execs from FireEye, SolarWinds, Microsoft, and CrowdStrike testified before the US Senate Intelligence Committee today on the aftermath - and ongoing investigations - into the epic attacks.Airplane maker Bombardier data posted on ransomware leak site following FTA hack
Bombardier is the latest in a long string of hacks caused by companies using old versions of the Accellion FTA file-sharing server.Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Also on Krebs' radar: the cyber-response to COVID-19 and intelligence-sharing between private and public sectors.SonicWall Releases Second Set of February Firmware Patches
The latest patches, for its SMA 100 series products, comes less than three weeks after an updates to patch a zero-day vulnerability.Daycare Webcam Service Exposes 12,000 User Accounts

10K Targeted in Phishing Attacks Spoofing FedEx, DHL Express
The two campaigns aimed to steal victims' business email account credentials by posing as the shipping companies.IBM Squashes Critical Remote Code-Execution Flaw

Augmenting SMB Defense Strategies With MITRE ATT&CK: A Primer
Any organization can use MITRE ATT&CK as a force multiplier, but it's especially valuable for small ones.Clubhouse chats streamed to third‑party website
The incident raises concerns about the privacy and security of conversations taking place on the platform
The post Clubhouse chats streamed to third‑party website appeared first on WeLiveSecurity
Flash version distributed in China after EOL is installing adware
Security researchers say the Chinese Flash app is behaving lide adware and opening browser windows to show ads.Google's Password Checkup feature coming to Android
The Password Checkup feature will tell Android users when one of their passwords has been exposed in an online data breach.Finnish IT Giant Hit with Ransomware Cyberattack

Checkout Skimmers Powered by Chip Cards
Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal's chip reader slot. What enables these skimmers to be so slim? They draw their power from the low-voltage current that gets triggered when a chip-based card is inserted. As a result, they do not require external batteries, and can remain in operation indefinitely.Security + Fraud Protection: Your One-Two Punch Against Cyberattacks

CVSS as a Framework, Not a Score

10K Microsoft Email Users Hit in FedEx Phishing Attack

Qualcomm, Sophos ink deal to secure 5G Snapdragon PCs
Sophos will provide endpoint protection for always on, always connected PCs.Clubhouse chatroom app closes down site rebroadcasting content

Incident prompts fears for latest Silicon Valley craze’s ability to guarantee users’ security and privacy
Clubhouse, the audio-chatroom app that has emerged as the latest craze to consume Silicon Valley, has shut down a site that was rebroadcasting the platform’s content, renewing concerns over the service’s ability to provide security and privacy for its users.
The app, currently available only on iPhones, allows users to quickly and easily set up and discover panel-style discussions, with a small group of speakers and potentially thousands of listeners in each room. It has been strictly limited since its launch in April, with users requiring an invitation before they can create an account. It initially gained popularity in the tech and venture capitalist community of the San Francisco Bay area.
Continue reading...