Cybersecurity News
Contemplating the Coffee Supply Chain: A Horror Story
On the bean-to-cup journey, dangers await around every corner. Here, well-caffeinated security experts warn the coffee industry about the threats.
REvil Group Claims Slew of Ransomware Attacks
The threat group behind the Sodinokibi ransomware claimed to have recently compromised nine organizations.
Europol Credits Sweeping Arrests to Cracked Sky ECC Comms
Sky ECC claims that cops cracked a fake version of the app being passed off by disgruntled reseller.
Can a Programming Language Reduce Vulnerabilities?
Rust offers a safer programming language, but adoption is still a problem despite recent signs of increasing popularity.Metamorfo Banking Trojan Abuses AutoHotKey to Avoid Detection
A legitimate binary for creating shortcut keys in Windows is being used to help the malware sneak past defenses, in a rash of new campaigns.
Microsoft Exchange Exploits Pave a Ransomware Path
As attacks double every hour, hackers are exploiting vulnerable Microsoft Exchange servers and installing a new family of ransomware called DearCry.
Molson Coors Cracks Open a Cyberattack Investigation
The multinational brewing company did not say what type of incident caused a ‘systems outage,’ but it's investigating and working to get networks back online.
Week in security with Tony Anscombe
ESET research into exploitation of Microsoft Exchange flaws – How smart sex toys may expose your privacy – E-health versus your personal data
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Power Equipment: A New Cybersecurity Frontier
Power systems, HVAC systems, and other network-connected devices are exposing new vulnerabilities that must be secured.Microsoft Reports 'DearCry' Ransomware Targeting Exchange Servers
Attackers have begun to deploy ransomware on Microsoft Exchange Servers compromised by the ProxyLogon exploits.Just Released: Version 3.1 of the PCI PIN Security Standard
Today, the PCI SSC published a minor revision to the PCI PIN Security Requirements and Testing Procedures—also known as the PCI PIN Security Standard. Version 3.1 of the Standard includes clarifications and updates previously released via FAQs and bulletins and incorporates stakeholder feedback and comments received via a formal request for comment (RFC) period.
Uber, Lyft to share data on drivers banned for sexual, physical assault
The measure may stop banned drivers from being able to jump between platforms.The future of data privacy: confidential computing, quantum safe cryptography take center stage
IBM is working on future-proof encryption methods able to keep our data safe both in storage and active use.Netflix weighs up crackdown on password sharing
Streaming service tests feature that asks viewers if they share household with subscriber
Netflix has begun testing a feature that asks viewers whether they share a household with a subscriber, in a move that could lead to crackdown on the widespread practice of sharing passwords among friends and family.
Some Netflix users are reported to have received a message asking them to confirm they live with the account owner by entering a code included in a text message or email sent to the subscriber.
Continue reading...Netflix wants to stop you sharing your password
Many of us do it. Netflix is testing ways to restrict you from sharing your account details.Microsoft Exchange Server hacks ‘doubling’ every two hours
A ransomware variant is now also leveraging the critical vulnerabilities.F5 Networks Urges Customers to Update to New Versions of Its App Delivery Tech
F5 BIG-IP and BIG-IQ have multiple critical vulnerabilities that enable attackers to completely compromise systems.Network Pivots, Patch Bypasses: Exploits Hit Hard in 2020
An analysis of 50 vulnerabilities finds a spectrum of risk, from widespread vulnerabilities exploited by a variety of attackers to serious issues that will likely be exploited in 2021.Molson Coors Beer Operations Halted by Hack
No details yet disclosed on the cyberattack.Does XDR Mark the Spot? 6 Questions to Ask
Extended detection and response technology goes well beyond endpoint management to provide visibility into networks, servers, cloud, and applications. Could it be the answer to your security challenges?
