Cybersecurity News
SolarWinds security fiasco may have started with simple password blunders
Many things came together to crack SolarWinds, but it may all have started with that classic mistake of leaking a lousy password.01 March 2021
Is Your Browser Extension a Botnet Backdoor?
A company that rents out access to more than 10 million Web browsers so that clients can hide their true Internet addresses has built its network by paying browser extension makers to quietly include its code in their creations. This story examines the lopsided economics of extension development, and why installing an extension can be such a risky proposition.01 March 2021
MSP Provider Builds Red Team as Attackers Target Industry
NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs.01 March 2021
Popular password manager in the spotlight over web trackers
While the trackers in LastPass’ Android app don’t collect any personal data, the news may not sit well with some privacy-minded users
The post Popular password manager in the spotlight over web trackers appeared first on WeLiveSecurity
01 March 2021
Firewall Vendor Patches Critical Auth Bypass Flaw

01 March 2021
Cybercrime 'Help Wanted': Job Hunting on the Dark Web

01 March 2021
Building a Next-Generation SOC Starts With Holistic Operations
The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.01 March 2021
How Criminals Job Hunt on the Dark Web

01 March 2021
Hackers exploit websites to give them excellent SEO before deploying malware
Climbing up Google’s ranks is key to this new technique.01 March 2021
Tether faces 500 Bitcoin ransom: We are ‘not paying’
The cryptocurrency firm says “forged” documents attempting to undermine the ecosystem as a whole are also circulating.01 March 2021
Judge approves $650m settlement for Facebook users in privacy, biometrics lawsuit
Facebook users represented in the lawsuit may soon receive hundreds of dollars each.01 March 2021
Minion privilege escalation exploit patched in SaltStack Salt project
The bug permitted attackers to perform privilege escalation attacks in the automation software.01 March 2021
Businessman charged with intent to steal General Electric’s secret silicon technology
Trade secrets worth millions on the market were the goal of the conspiracy.01 March 2021
Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process

26 February 2021
Stalkerware Volumes Remain Concerningly High, Despite Bans

26 February 2021
NSA Releases Guidance on Zero-Trust Architecture
A new document provides guidance for businesses planning to implement a zero-trust system management strategy.26 February 2021
Lazarus Targets Defense Companies with ThreatNeedle Malware

26 February 2021
The Edge Pro Tip: Fasten Your Seatbelts

26 February 2021
Chrome will soon try HTTPS first when you type an incomplete URL
If users type an URL and they forget to add the HTTP or HTTPS prefix, Chrome will soon use HTTPS by default.26 February 2021