Cybersecurity News
Cisco Warns of Critical Auth-Bypass Security Flaw
Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
25 February 2021
This chart shows the connections between cybercrime groups
CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other.25 February 2021
Cybercriminals Target QuickBooks Databases
Stolen financial files then get sold on the Dark Web, researchers say.24 February 2021
New APT Group Targets Airline Industry & Immigration
LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.24 February 2021
61% of Malware Delivered via Cloud Apps: Report
Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.24 February 2021
Tax Season Ushers in Quickbooks Data-Theft Spike
Quickbooks malware targets tax data for attackers to sell and use in phishing scams.
24 February 2021
More than 6,700 VMware servers exposed online and vulnerable to major new bug
Proof-of-concept exploit code has been published online earlier today, and active scans for vulnerable VMware systems have been detected already.24 February 2021
Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking
Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.
24 February 2021
Google Invests in Linux Kernel Developers to Focus on Security
Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.24 February 2021
Kaseya Buys Managed SOC Provider
Purchase extends offerings for MSP and SMB customers24 February 2021
The Realities of Extended Detection and Response (XDR) Technology
While the term XDR has become pervasive, the technology and market remain a work in progress with lots of innovation and market confusion.24 February 2021
VMWare Patches Critical RCE Flaw in vCenter Server
The vulnerability, one of three patched by the company this week, could allow threat actors to breach the external perimeter of a data center or leverage backdoors already installed to take over a system.
24 February 2021
Universities Face Double Threat of Ransomware, Data Breaches
Lack of strong security policies put many schools at risk of compromise, disrupted services, and collateral damage.24 February 2021
Google’s Password Checkup tool rolling out to Android devices
People who use devices running Android 9 or newer will be alerted if their login credentials have been stolen
The post Google’s Password Checkup tool rolling out to Android devices appeared first on WeLiveSecurity
24 February 2021
Cartoon Caption Winner: Be Careful Who You Trust
And the winner of The Edge's February cartoon caption contest is ...
24 February 2021
Nvidia’s Anti-Cryptomining GPU Chip May Not Discourage Attacks
The hotly anticipated GeForce RTX 3060, a ray-tracing-friendly, advanced gaming graphics chip, will also throttle Ethereum mining.
24 February 2021
Ukraine reports cyber-attack on government document management system
Ukrainian officials blame "one of the hacker spy groups from the Russian Federation."24 February 2021
Microsoft Lures Populate Half of Credential-Swiping Phishing Emails
As more organizations migrate to Office 365, cybercriminals are using Outlook, Teams and other Microsoft-themed phishing lures to swipe user credentials.
24 February 2021
3 Security Flaws in Smart Devices & IoT That Need Fixing
The scope and danger of unsecured, Internet-connected hardware will only continue to deepen.24 February 2021
Botnet Uses Blockchain to Obfuscate Backup Command & Control Information
The tactic makes it much harder for defenders to take down botnets via sinkholing and other standard techniques, Akamai says.24 February 2021