Cybersecurity News
This botnet is abusing Bitcoin blockchains to stay in the shadows
BTC transactions are being used to obfuscate malicious activity.24 February 2021
Start Options, B2G founder indicted for alleged digital currency, investor fraud
The individual has been accused of being part of a scheme to defraud "hundreds" of investors.24 February 2021
COVID pandemic causes spike in cyberattacks against hospitals, medical companies
IBM says attack rates have doubled against medical entities since the pandemic began.24 February 2021
SolarWinds Attackers Lurked for 'Several Months' in FireEye's Network
Top execs from FireEye, SolarWinds, Microsoft, and CrowdStrike testified before the US Senate Intelligence Committee today on the aftermath - and ongoing investigations - into the epic attacks.23 February 2021
Airplane maker Bombardier data posted on ransomware leak site following FTA hack
Bombardier is the latest in a long string of hacks caused by companies using old versions of the Accellion FTA file-sharing server.23 February 2021
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Also on Krebs' radar: the cyber-response to COVID-19 and intelligence-sharing between private and public sectors.23 February 2021
SonicWall Releases Second Set of February Firmware Patches
The latest patches, for its SMA 100 series products, comes less than three weeks after an updates to patch a zero-day vulnerability.23 February 2021
Daycare Webcam Service Exposes 12,000 User Accounts
NurseryCam suspends service across 40 daycare centers until a security fix is in place.23 February 2021
10K Targeted in Phishing Attacks Spoofing FedEx, DHL Express
The two campaigns aimed to steal victims' business email account credentials by posing as the shipping companies.23 February 2021
IBM Squashes Critical Remote Code-Execution Flaw
A critical-severity buffer-overflow flaw that affects IBM Integration Designer could allow remote attackers to execute code.23 February 2021
Augmenting SMB Defense Strategies With MITRE ATT&CK: A Primer
Any organization can use MITRE ATT&CK as a force multiplier, but it's especially valuable for small ones.23 February 2021
Clubhouse chats streamed to third‑party website
The incident raises concerns about the privacy and security of conversations taking place on the platform
The post Clubhouse chats streamed to third‑party website appeared first on WeLiveSecurity
23 February 2021
Flash version distributed in China after EOL is installing adware
Security researchers say the Chinese Flash app is behaving lide adware and opening browser windows to show ads.23 February 2021
Google's Password Checkup feature coming to Android
The Password Checkup feature will tell Android users when one of their passwords has been exposed in an online data breach.23 February 2021
Finnish IT Giant Hit with Ransomware Cyberattack
A major Finnish IT provider has been hit with a ransomware attack that has forced the company to turn off some services and infrastructure in a disruption to customers, while it takes recovery measures. Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesday, claiming to have spoken with Geir Remman, a […]23 February 2021
Checkout Skimmers Powered by Chip Cards
Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal's chip reader slot. What enables these skimmers to be so slim? They draw their power from the low-voltage current that gets triggered when a chip-based card is inserted. As a result, they do not require external batteries, and can remain in operation indefinitely.23 February 2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
When siloed functions unite in the face of cyberthreats, organizations can continue, uninterrupted, along their paths to digital transformation.23 February 2021
CVSS as a Framework, Not a Score
The venerable system has served us well but is now outdated. Not that it's time to throw the system away -- use it as a framework to measure risk using modern, context-based methods.23 February 2021
10K Microsoft Email Users Hit in FedEx Phishing Attack
Microsoft users are receiving emails pretending to be from mail couriers FedEx and DHL Express - but that really steal their credentials.23 February 2021
Qualcomm, Sophos ink deal to secure 5G Snapdragon PCs
Sophos will provide endpoint protection for always on, always connected PCs.23 February 2021