Cybersecurity News
SolarWinds Experimenting With New Software Build System in Wake of Breach
CISO of SolarWinds now has complete autonomy to stop product releases if security concerns exist, CEO says.26 March 2021
40% of Apps Leaking Information
Apps in manufacturing most at risk, according to WhiteHat Security.26 March 2021
Apple Patches iOS Zero-Day
Apple today released iOS 14.4.2 to address a security vulnerability that may have been actively exploited.26 March 2021
Executive Order Would Strengthen Cybersecurity Requirements for Federal Agencies
The post-SolarWinds EO could be issued as soon as next week, according to a report.
26 March 2021
Microsoft Shares Exchange Server Post-Compromise Attack Activity
Microsoft shares the details of post-exploitation attack activity, including multiple ransomware payloads and a cryptocurrency botnet.26 March 2021
Employee Lockdown Stress May Spark Cybersecurity Risk
Younger employees and caregivers report more stress than other groups-- and more shadow IT usage.
26 March 2021
A Day in the Life of a DevSecOps Manager
"Most days are good days," says Rally Health's Ari Kalfus. But they sure are busy, he tells The Edge.
26 March 2021
Data Bias in Machine Learning: Implications for Social Justice
Take historically biased data, then add AI and ML to compound and exacerbate the problem.26 March 2021
Insurance Giant CNA Hit with Novel Ransomware Attack
The incident, which forced the company to disconnect its systems, caused significant business disruption.
26 March 2021
Week in security with Tony Anscombe
Security and your right to repair – Scams offer fake COVID-19 vaccines and ask for Bitcoin – Jail time for a disgruntled IT contractor
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
26 March 2021
Moving from DevOps to CloudOps: The Four-Box Problem
With SOC teams running services on multiple cloud platforms, their big concern is how to roll up configuration of 200+ servers in a comprehensive way.26 March 2021
Hades ransomware operators are hunting big game in the US
Companies with annual revenues of over $1 billion are being targeted.26 March 2021
Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers
A decision on the order, which contains several recommendations, is still forthcoming.25 March 2021
CISA Adds Two Web Shells to Exchange Server Guidance
Officials update mitigation steps to include two new Malware Analysis Reports identifying Web shells seen in Exchange Server attacks.25 March 2021
Fleeceware Apps Bank $400M in Revenue
The cache of apps, found in Apple and Google's official marketplaces is largely targeted towards children, including several "slime simulators."
25 March 2021
Microsoft Offers Up To $30K For Teams Bugs
A bug-bounty program launched for the Teams desktop videoconferencing and collaboration application has big payouts for finding security holes.
25 March 2021
In Secure Silicon We Trust
Building upon a hardware root of trust is becoming a more achievable goal for the masses and the roots are digging deeper. Here's what you need to know.
25 March 2021
Nearly Half of Popular Android Apps Built With High-Risk Components
Information leakage and applications asking for too many permissions were also major issues, according to a survey of more than 3,300 popular mobile applications.25 March 2021
Security Operations in the World We Live in Now
Despite the challenges of remote work, security operations teams can position themselves well for the future.25 March 2021
Facebook Disrupts Spy Effort Aimed at Uyghurs
The social-media giant took down legions of fake profiles aimed at spreading espionage malware.
25 March 2021