1. Nmap Online
  2. Cybersecurity News

Cybersecurity News

Child tweets on behalf of nuke, space mission agency US Strategic Command

The gibberish tweet left some amused, some concerned that the account had been compromised.
31 March 2021

VMware patches critical vRealize Operations platform vulnerabilities

Administrator credentials could be stolen by exploiting the bugs.
31 March 2021

Are you prepared to prevent data loss?

From losing cherished memories to missing deadlines, the impact of not having backups when a data disaster strikes can hardly be overstated

The post Are you prepared to prevent data loss? appeared first on WeLiveSecurity

31 March 2021

Pandemic threats: The common threads in COVID-19 scams and criminal schemes

Researchers explore how cybercriminals have exploited the coronavirus pandemic over the past year.
31 March 2021

Whistleblower claims Ubiquiti Networks data breach was ‘catastrophic’

The source alleges the January security incident was severely downplayed.
31 March 2021

Publicly Available Data Enables Enterprise Cyberattacks

Adversaries scour social media platforms and use other tactics to gather information that facilitates targeted enterprise attacks, research shows.
30 March 2021

Security on a Shoestring? More Budget Means More Detection

Companies that spend the smallest share of their IT budget on security see fewer threats, but that's not good news.
30 March 2021

What We Know (and Don't Know) So Far About the 'Supernova' SolarWinds Attack

A look at the second elusive attack targeting SolarWinds software that researchers at Secureworks recently cited as the handiwork of Chinese nation-state hackers.
30 March 2021

Ziggy Ransomware Gang Offers Refunds to Victims

Ziggy Ransomware Gang Offers Refunds to Victims Ziggy joins Fonix ransomware group and shuts down, with apologies to targets.
30 March 2021

Malicious Docker Cryptomining Images Rack Up 20M Downloads

Malicious Docker Cryptomining Images Rack Up 20M Downloads Publicly available cloud images are spreading Monero-mining malware to unsuspecting cloud developers.
30 March 2021

White Ops Renames Company 'Human'

The company first confirmed plans to change its name in October 2020.
30 March 2021

Reduced Certification Requirements for PA-QSA Secure Software Assessor Candidates until 30 June 2021

Reduced Certification Requirements for PA-QSA Secure Software Assessor Candidates until 30 June 2021

When the Payment Application Data Security Standard (PA-DSS) v3.2 closes on 28 October 2022, it will be superseded by the Secure Software Standard and Program, which is part of the PCI Software Security Framework (SSF).

30 March 2021

Whistleblower: Ubiquiti Breach “Catastrophic”

On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the incident response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication.
30 March 2021

What You Need to Know -- or Remember -- About Web Shells

What You Need to Know -- or Remember -- About Web Shells What's old is new again as Web shell malware becomes the latest attack vector in widespread Exchange exploits. Here's a primer on what Web shells are and what they do.
30 March 2021

Watch Out for These Cyber-Risks

It's difficult to predict what will materialize in the months ahead in terms of cyber-risks, which is why it's wise to review your organization's security posture now.
30 March 2021

What You Need to Know -- or Remember -- About Web Shells

What You Need to Know -- or Remember -- About Web Shells What's old is new again as Web shell malware becomes the latest attack vector in widespread Exchange exploits. Here's a primer on what Web shells are and what they do.
30 March 2021

SolarWinds Attackers Accessed DHS Emails, Report

SolarWinds Attackers Accessed DHS Emails, Report Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary's emails, among others.
30 March 2021

Ghost Users Haunt Healthcare Firms

Data security hygiene severely lacking among healthcare firms, new research shows.
30 March 2021

Backdoor added to PHP source code in Git server breach

Had the incident gone unnoticed, the attackers could have taken over websites using the tainted code

The post Backdoor added to PHP source code in Git server breach appeared first on WeLiveSecurity

30 March 2021

Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain

Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain The Cyber Kill Chain and MITRE ATT&CK are popular reference frameworks to analyze breaches, but amid the rise of XDR, we may need a new one.
30 March 2021