Cybersecurity News
Attackers chain Windows, VPN flaws to target US government agencies
Bad actors have accessed US elections support systems, although there's no evidence to suggest that election data has been compromised, say FBI and CISA
The post Attackers chain Windows, VPN flaws to target US government agencies appeared first on WeLiveSecurity
13 October 2020
Election Systems Under Attack via Microsoft Zerologon Exploits
Cybercriminals are chaining Microsoft's Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns.
13 October 2020
Authentication Bug Opens Android Smart-TV Box to Data Theft
The streaming box allows arbitrary code execution as root, paving the way to pilfering social-media tokens, passwords, messaging history and more.
13 October 2020
Trickbot Botnet Response Highlights Partnerships Preventing U.S. Election Interference
Recent efforts by USCYBERCOM and Microsoft to disrupt the Trickbot botnet highlight the importance of partnerships in successful malware botnet disruption.13 October 2020
TrickBot Takedown Disrupts Major Crimeware Apparatus
Microsoft and partners went after the botnet using a copyright infringement tactic and hunting down C2 servers.
13 October 2020
Online Voting Is Coming, but How Secure Will It Be?
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.13 October 2020
Office 365: A Favorite for Cyberattack Persistence
Bad actors are leveraging legitimate services and tools within Microsoft's productivity suite to launch cyberattacks on COVID-19 stay-at-home workers, new research finds.
13 October 2020
Malware gangs love open source offensive hacking tools
Hacking tools released by security researchers often end up being abused by bad guys as well.13 October 2020
Software AG Continues Efforts Against $20M Ransomware Attack
The attack, which now includes extortion components, has moved into its second week.12 October 2020
Security Firms & Financial Group Team Up to Take Down Trickbot
Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.12 October 2020
What is End-to-End Encryption?
Many services advertise E2EE, but not all of them actually offer it.
12 October 2020
Security Officers, Are Your Employees Practicing Good Habits from Home?
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.12 October 2020
Security Officers, Are Your Employers Practicing Good Habits from Home?
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.12 October 2020
A 7-Step Cybersecurity Plan for Healthcare Organizations
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
12 October 2020
Bitcoin wallet update trick has netted criminals more than $22 million
Criminal gangs are sending fake updates to owners of Electrum wallets, installing malware, and stealing user funds.12 October 2020
How to Pinpoint Rogue IoT Devices on Your Network
Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.12 October 2020
Ransomware Attackers Buy Network Access in Cyberattack Shortcut
Network access to various industries is being offered in underground forums at as little as $300 a pop - and researchers warn that ransomware groups like Maze and NetWalker could be buying in.
12 October 2020
Ransomware operators now outsource network access exploits to speed up attacks
The trend is on the rise as ransomware continues to be lucrative -- especially in the enterprise space.12 October 2020
Microsoft Uses Trademark Law to Disrupt Trickbot Botnet
Microsoft Corp. has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot, a global menace that has infected millions of computers and is used to spread ransomware. A court in Virginia granted Microsoft control over many Internet servers Trickbot uses to plunder infected systems, based on novel claims that the crime machine abused the software giant's trademarks. However, it appears the operation has not completely disabled the botnet.12 October 2020
Microsoft and others orchestrate takedown of TrickBot botnet
FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, Symantec, and the Microsoft Defender team participated in the takedown.12 October 2020