Cybersecurity News


Leaked Development Secrets a Major Issue for Repositories

Every day, more than 5,000 private keys, database connection strings, certificates, and passwords are leaked to GitHub repositories, putting applications at risk.
09 March 2021

Google Play Harbors Malware-Laced Apps Delivering Spy Trojans

Google Play Harbors Malware-Laced Apps Delivering Spy Trojans A never-before-seen malware-dropper, Clast82, fetches the AlienBot and MRAT malware in a savvy Google Play campaign aimed at Android users.
09 March 2021

WhatsApp may soon roll out encrypted chat backups

While chats are end-to-end encrypted, their backups are not – this may change soon

The post WhatsApp may soon roll out encrypted chat backups appeared first on WeLiveSecurity

09 March 2021

Apple Plugs Severe WebKit Remote Code-Execution Hole

Apple Plugs Severe WebKit Remote Code-Execution Hole Apple pushed out security updates for a memory-corruption bug to devices running on iOS, macOS, watchOS and for Safari.
09 March 2021

Microsoft Pushes Patches for Older Versions of Exchange Server

Additional patches arrive as CISA issues an alert urging all organizations to immediately patch the Microsoft Exchange vulnerabilities.
09 March 2021

Look to Banking as a Model for Stopping Crime-as-a-Service

The first step toward prevention is understanding the six most common CaaS services.
09 March 2021

Malicious apps on Google Play dropped banking Trojans on user devices

The utility apps contained a previously-unknown dropper for financial malware.
09 March 2021

UnityMiner cryptocurrency malware hijacks QNAP storage devices

A remote code execution bug is to blame this time.
09 March 2021

KnowBe4 Buys Competitor MediaPRO

Known for its phishing simulation platform, KnowBe4 says deal will help it expand in privacy and compliance training market.
08 March 2021

McAfee to Sell Enterprise Business to Equity Firm STG for $4B

The planned move is unlikely to do much for enterprise customers or for security vendor's consumer business, analysts say.
08 March 2021

Microsoft Exchange Server Attack Escalation Prompts Patching Panic

US government officials weigh in on the attacks and malicious activity, which researchers believe may be the work of multiple groups.
08 March 2021

Intel, Microsoft Aim for Breakthrough in DARPA Encryption Project

Together, the vendor giants aim to make "in use" encryption -- also known as "fully homomorphic encryption" -- economical and practical.
08 March 2021

Newest Intel Side-Channel Attack Sniffs Out Sensitive Data

Newest Intel Side-Channel Attack Sniffs Out Sensitive Data A new side-channel attack takes aim at Intel's CPU ring interconnect in order to glean sensitive data.
08 March 2021

Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices

Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices Researchers warn two critical bugs impacting multiple QNAP firmware versions are under active attack.
08 March 2021

The Edge Pro Tip: Proceed With Caution

The Edge Pro Tip: Proceed With Caution Security pros offer up their post-SolarWinds patch-management advice.
08 March 2021

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords A phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system.
08 March 2021

A Basic Timeline of the Exchange Mass-Hack

Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here's a brief timeline of what we know leading up to last week's mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program.
08 March 2021

Why Data Privacy Should Be on President Biden's Agenda for His First 100 Days

The new administration is in an excellent position to make significant progress on data privacy -- not just because it's needed, but also because it's time.
08 March 2021

Women in cybersecurity: Gender gap narrows but not enough

The number of women joining the ranks of cybersecurity practitioners is steadily increasing, but a lot still needs to be done to close the gap

The post Women in cybersecurity: Gender gap narrows but not enough appeared first on WeLiveSecurity

08 March 2021

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

SolarWinds servers are being exploited to deploy the malicious .NET web shell.
08 March 2021