Cybersecurity News
Dark Reading 'Name That Toon' Winner: Gather 'Round the Campfire
And the winner of Dark Reading's February cartoon caption contest is ...
09 March 2021
48% of Security Pros Prohibited From Intelligence-Sharing
Some do so anyway, according to new Kaspersky research.09 March 2021
COVID-19 Contact-Tracing Apps Signal Broader Mobile App Security Concerns
The rapid launch of contract-tracing apps to control COVID-19's spread opened the door to multiple security and privacy vulnerabilities.09 March 2021
Leaked Development Secrets a Major Issue for Repositories
Every day, more than 5,000 private keys, database connection strings, certificates, and passwords are leaked to GitHub repositories, putting applications at risk.09 March 2021
Google Play Harbors Malware-Laced Apps Delivering Spy Trojans
A never-before-seen malware-dropper, Clast82, fetches the AlienBot and MRAT malware in a savvy Google Play campaign aimed at Android users.
09 March 2021
WhatsApp may soon roll out encrypted chat backups
While chats are end-to-end encrypted, their backups are not – this may change soon
The post WhatsApp may soon roll out encrypted chat backups appeared first on WeLiveSecurity
09 March 2021
Apple Plugs Severe WebKit Remote Code-Execution Hole
Apple pushed out security updates for a memory-corruption bug to devices running on iOS, macOS, watchOS and for Safari.
09 March 2021
Microsoft Pushes Patches for Older Versions of Exchange Server
Additional patches arrive as CISA issues an alert urging all organizations to immediately patch the Microsoft Exchange vulnerabilities.09 March 2021
Look to Banking as a Model for Stopping Crime-as-a-Service
The first step toward prevention is understanding the six most common CaaS services.09 March 2021
Malicious apps on Google Play dropped banking Trojans on user devices
The utility apps contained a previously-unknown dropper for financial malware.09 March 2021
UnityMiner cryptocurrency malware hijacks QNAP storage devices
A remote code execution bug is to blame this time.09 March 2021
KnowBe4 Buys Competitor MediaPRO
Known for its phishing simulation platform, KnowBe4 says deal will help it expand in privacy and compliance training market.08 March 2021
McAfee to Sell Enterprise Business to Equity Firm STG for $4B
The planned move is unlikely to do much for enterprise customers or for security vendor's consumer business, analysts say.08 March 2021
Microsoft Exchange Server Attack Escalation Prompts Patching Panic
US government officials weigh in on the attacks and malicious activity, which researchers believe may be the work of multiple groups.08 March 2021
Intel, Microsoft Aim for Breakthrough in DARPA Encryption Project
Together, the vendor giants aim to make "in use" encryption -- also known as "fully homomorphic encryption" -- economical and practical.08 March 2021
Newest Intel Side-Channel Attack Sniffs Out Sensitive Data
A new side-channel attack takes aim at Intel's CPU ring interconnect in order to glean sensitive data.
08 March 2021
Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices
Researchers warn two critical bugs impacting multiple QNAP firmware versions are under active attack.
08 March 2021
The Edge Pro Tip: Proceed With Caution
Security pros offer up their post-SolarWinds patch-management advice.
08 March 2021
Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords
A phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system.
08 March 2021
A Basic Timeline of the Exchange Mass-Hack
Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here's a brief timeline of what we know leading up to last week's mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program.08 March 2021