Cybersecurity News
Five Critical Android Bugs Patched, Part of Feb. Security Bulletin
February’s security update for the mobile OS includes a Qualcomm flaw rated critical, with a CVSS score of 9.8.
03 February 2021
Security in a Complex World
Innovation and complexity can co-exist; the key is to use innovation to make ever-expanding complexity comprehensible and its effects predictable.03 February 2021
Microsoft Defender ATP is detecting yesterday's Chrome update as a backdoor
Microsoft commercial antivirus product is labeling Chrome's latest update as being infected with the Funvalget backdoor.03 February 2021
Concerns Over API Security Grow as Attacks Increase
Some 66% of organizations say they have slowed deploying an app into production because of API security concerns.03 February 2021
SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover
The by-now infamous company has issued patches for three security vulnerabilities in total.
03 February 2021
Mozilla expected to launch its VPN service in Germany and France in Q1 2021
Mozilla VPN is currently available in the US, the UK, Canada, New Zealand, Singapore, and Malaysia only.03 February 2021
Recent root-giving Sudo bug also impacts macOS
A bug in the Sudo app can let attackers with access to a local system to elevate their access to a root-level account.02 February 2021
FTC: ID Theft Doubled in 2020
The Federal Trade Commission said a surge in reports of identity theft occurred amid the COVID-19 pandemic.02 February 2021
Agent Tesla Upgrades with New Delivery & Evasion Tactics
A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.02 February 2021
TrickBot Continues Resurgence with Port-Scanning Module
The infamous malware has incorporated the legitimate Masscan tool, which looks for open TCP/IP ports with lightning-fast results.
02 February 2021
Average Ransom Payments Declined Last Quarter
More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.02 February 2021
Average Ransom Payments Declined Last Quarter
More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.02 February 2021
Crypto Crook Hired Steven Seagal to Promote Scam, Now Faces Charges
Feds charged California-based private detective for stealing $11M from investors, with help from actor Steven Seagal.
02 February 2021
‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered
ValidCC, a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. The proprietors of the popular store said their servers were seized as part of a coordinated law enforcement operation designed to disconnect and confiscate its infrastructure.02 February 2021
RF Enables Takeover of Hostile Drones
Tempting as it may be to blast drones out of the sky, a less aggressive approach may yield better data about attackers - and keep bystanders safe.02 February 2021
Tiny Kobalos Malware Bedevils Supercomputers to Steal Logins
The sophisticated backdoor steals SSH credentials for servers in academic and scientific high-performance computing clusters.
02 February 2021
Magento Web Skimmers Piggyback in Ongoing Costway Website Compromise
An e-commerce credit-card skimmer is being used by a second skimmer to steal payment data - and both are on Costway's website.
02 February 2021
Attackers Continue to Nibble at Apple's iOS Security
For the second time in less than three months, Apple has patched vulnerabilities in the software for iPhone and iPad, warning that the issues are already being targeted by attackers.02 February 2021
SonicWall Confirms Zero-Day Vulnerability
The confirmation arrives as researchers with NCC Group detect a SonicWall zero-day flaw under active attack.02 February 2021
Google funds project to secure Apache web server project with new Rust component
Funded by Google and led by the Internet Security Research Group, Apache's web server is set to receive a new Rust-based mod_ssl module.02 February 2021
