Cybersecurity News


Black Hat USA

Mandalay Bay Convention Center Las Vegas
10 March 2021

Nim-Based Malware Loader Spreads Via Spear-Phishing Emails

Nim-Based Malware Loader Spreads Via Spear-Phishing Emails Spear-phishing emails are spreading the NimzaLoader malware loader, which some say may be used to download Cobalt Strike.
10 March 2021

2020 was a ‘record-breaking’ year in US school hacks, security failures

New research suggests “cybersecurity risks are now neither hypothetical, nor trivial.”
10 March 2021

Digitally Transforming Trusted Transactions Through Biometrics, ML & AI

The pandemic has increased the appetite for e-commerce and contactless payments, and biometrics and artificial intelligence are playing a larger role in securing those transactions.
10 March 2021

Call Recorder iPhone App Flaw Uncovered

Researcher finds thousands of recorded calls easily accessible to others.
10 March 2021

Breach Exposes Verkada Security Camera Footage at Tesla, Cloudflare

Breach Exposes Verkada Security Camera Footage at Tesla, Cloudflare Surveillance footage from companies such as Tesla as well as hospitals, prisons, police departments and schools was accessed in the hack.
10 March 2021

Microsoft expands AccountGuard ahead of elections, deepens Yubico partnership

Enhanced identity and access features are on offer in 31 democracies.
10 March 2021

Exchange servers under siege from at least 10 APT groups

ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world

The post Exchange servers under siege from at least 10 APT groups appeared first on WeLiveSecurity

10 March 2021

Online health security – when ‘opt out’ isn’t an option

What happens when you try to opt out of e-health to avoid issues in the event of a breach?

The post Online health security – when ‘opt out’ isn’t an option appeared first on WeLiveSecurity

10 March 2021

OVHcloud data centers engulfed in flames

Customers are being urged to launch their own disaster recovery plans.
10 March 2021

Microsoft Patch Tuesday, March 2021 Edition

On the off chance you were looking for more security to-dos from Microsoft today...the company released software updates to plug more than 82 security flaws in Windows and other supported software. Ten of these earned Microsoft's "critical" rating, meaning they can be exploited by malware or miscreants with little or no help from users.
09 March 2021

Apple’s Device Location-Tracking System Could Expose User Identities

Apple’s Device Location-Tracking System Could Expose User Identities Researchers have identified two vulnerabilities in the company’s crowd-sourced Offline Finding technology that could jeopardize its promise of privacy.
09 March 2021

Microsoft Patch Tuesday Updates Fix 14 Critical Bugs

Microsoft Patch Tuesday Updates Fix 14 Critical Bugs Microsoft's regularly scheduled March Patch Tuesday updates address 89 CVEs overall.
09 March 2021

Microsoft Patch Tuesday Fixes 82 CVEs, Internet Explorer Zero-Day

The monthly rollout follows last week's emergency Microsoft Exchange Server patch covering seven CVEs, four of which are under attack.
09 March 2021

Dark Web Markets for Stolen Data See Banner Sales

Dark Web Markets for Stolen Data See Banner Sales Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. That leaves these thriving dirty data dealers in a familiar predicament — they need to lock down their growing businesses for […]
09 March 2021

Warning the World of a Ticking Time Bomb

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a "web shell" backdoor that gives the bad guys total, remote control, the ability to read all email, and easy access to the victim's other computers. Researchers are now racing to identify, alert and help victims, and hopefully prevent further mayhem.
09 March 2021

Adobe Critical Code-Execution Flaws Plague Windows Users

Adobe Critical Code-Execution Flaws Plague Windows Users The critical flaws exist in Adobe Framemaker, Connect and the Creative Cloud desktop application for Windows.
09 March 2021

Linux Foundation Debuts Sigstore Project for Software Signing

Sigstore aims to improve the open source software supply chain by simplifying the process of cryptographic software signing.
09 March 2021

Adobe releases batch of security fixes for Framemaker, Creative Cloud, Connect

This month’s security release tackles a handful of vulnerabilities.
09 March 2021

Microsoft's March Patch Tuesday: Critical remote code execution flaws, IE zero-day fixed

The fixes follow an unscheduled emergency release for Microsoft Exchange Server.
09 March 2021