Cybersecurity News


Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy

Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
18 February 2021

Exploit Details Emerge for Unpatched Microsoft Bug

Exploit Details Emerge for Unpatched Microsoft Bug A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes.
18 February 2021

Microsoft says SolarWinds hackers downloaded some Azure, Exchange, and Intune source code

Microsoft says it has completed its investigation into its SolarWinds-related breach.
18 February 2021

Malware authors already taking aim at Apple M1 Macs

The first instance of malicious code native to Apple Silicon M1 Macs emerged a month after the release of devices equipped with the company’s in-house CPUs

The post Malware authors already taking aim at Apple M1 Macs appeared first on WeLiveSecurity

18 February 2021

Data security accountability in an age of regular breaches

As the number of vendors impacted by supply-chain breaches grows, one constant question remains: where exactly does accountability for data security lie, and what part do end users play in their own data breach protection?
18 February 2021

RIPE NCC discloses failed brute-force attack on its SSO service

RIPE NCC, which manages the IP address space for the EMEA region, is now asking its 20,000 member orgs to enable 2FA for their accounts.
18 February 2021

How to Run a Successful Penetration Test

How to Run a Successful Penetration Test These seven tips will help ensure a penetration test improves your organization's overall security posture.
18 February 2021

How to Run a Successful Penetration Test

How to Run a Successful Penetration Test These seven tips will help ensure a penetration test improves your organization's overall security posture.
18 February 2021

Mac Malware Targets Apple’s In-House M1 Processor

Mac Malware Targets Apple’s In-House M1 Processor A malicious adware-distributing application specifically targets Apple's new M1 SoC, used in its newest-generation MacBook Air, MacBook Pro and Mac mini devices.
18 February 2021

CrowdStrike acquires Humio for $400 million

Deal expected to close at the end of Q1 2021.
18 February 2021

Virginia Takes Different Tack Than California With Data Privacy Law

Online businesses targeting Virginia consumers and have personal data of 100,000 consumers in the state must conform to the new statute.
18 February 2021

The Edge Pro Tip: Say What You Know

The Edge Pro Tip: Say What You Know During the immediate period following a breach, it's vital to move fast - but not trip over yourself.
18 February 2021

Pro Tip: Say What You Know

Pro Tip: Say What You Know During the immediate period following a breach, it's vital to move fast - but not trip over yourself.
18 February 2021

SDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare Apps

SDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare Apps Apps like eHarmony and MeetMe are affected by a flaw in the Agora toolkit that went unpatched for eight months, researchers discovered.
18 February 2021

Windows and Linux servers targeted by new WatchDog botnet for almost two years

WatchDog botnet uses exploits to take over servers and mine cryptocurrency.
18 February 2021

Masslogger Trojan reinvented in quest to steal Outlook, Chrome credentials

The operators have also been linked to the use of AgentTesla, Formbook, and AsyncRAT.
18 February 2021

Egregor Arrests a Blow, But Ransomware Will Likely Bounce Back

Similar to previous ransomware takedowns, this disruption to the ransomware-as-a-service model will likely be short-lived, security experts say.
17 February 2021

US Unseals Indictments Against North Korean Cyberattackers for Thefts Totaling $1.3B

US Unseals Indictments Against North Korean Cyberattackers for Thefts Totaling $1.3B FBI, CISA, and Treasury Department also release details about North Korean malware used in cryptocurrency thefts since 2018.
17 February 2021

White House Says 100 Private Sector Orgs Hit in SolarWinds Campaign

Anne Neuberger, a top Biden cybersecurity official, provided an update on the government's investigation into the massive breach.
17 February 2021

Microsoft starts removing Flash from Windows devices via new KB4577586 update

Windows 10 users are reporting seeing a new update this week that permanently removes Flash from their systems.
17 February 2021