1. Nmap Online
  2. Cybersecurity News

Cybersecurity News

Chrome, Firefox updates fix severe security bugs

Successful exploitation of some of these flaws could allow attackers to take control of vulnerable systems

The post Chrome, Firefox updates fix severe security bugs appeared first on WeLiveSecurity

08 January 2021

A crypto-mining botnet is now stealing Docker and AWS credentials

After if began stealing AWS credentials last summer, the TeamTNT botnet is now also stealing Docker API logins, making the use of firewalls mandatory for all internet-exposed Docker interfaces.
08 January 2021

Top 5 'Need to Know' Coding Defects for DevSecOps

Integrating static analysis into the development cycle can prevent coding defects and deliver secure software faster.
08 January 2021

FBI Warns of Egregor Attacks on Businesses Worldwide

FBI Warns of Egregor Attacks on Businesses Worldwide The agency said the malware has already compromised more than 150 organizations and provided insight into its ransomware-as-a-service behavior.
08 January 2021

Nvidia releases security update for high-severity graphics driver vulnerabilities

Exploits include data tampering, denial of service, and privilege escalation.
08 January 2021

Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking

Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking Major browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to takeover targeted devices.
08 January 2021

New side-channel attack can recover encryption keys from Google Titan security keys

Attack requires physical access to the devices but Titan and other keys can be cloned if attacks are successful.
07 January 2021

Sealed U.S. Court Records Exposed in SolarWinds Breach

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts.
07 January 2021

Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020

Research reveals APT groups and cybercriminals employ these offensive security tools as often as red teams.
07 January 2021

FireEye's Mandia: 'Severity-Zero Alert' Led to Discovery of SolarWinds Attack

CEO Kevin Mandia shared some details on how his company rooted out the major cyberattack campaign affecting US government and corporate networks.
07 January 2021

Biden to Appoint Cybersecurity Advisor to NSC – Report

Biden to Appoint Cybersecurity Advisor to NSC – Report Anne Neuberger will join the National Security Council, according to sources.
07 January 2021

State Dept. to Create New Cybersecurity & Technology Agency

Bureau of Cyberspace Security and Emerging Technologies (CSET) will serve as diplomatic arm for US cybersecurity interests.
07 January 2021

Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws

Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws In all, Nvidia patched flaws tied to 16 CVEs across its graphics drivers and vGPU software, in its first security update of 2021.
07 January 2021

Even Small Nations Have Jumped into the Cyber Espionage Game

While the media tends to focus on the Big 5 nation-state cyber powers, commercial spyware has given smaller countries sophisticated capabilities, as demonstrated by a "zero-click" iMessage exploit that targeted journalists last year.
07 January 2021

All Aboard the Pequod!

Like countless others, I frittered away the better part of Jan. 6 doomscrolling and watching television coverage of the horrifying events unfolding in our nation's capital, where a mob of President Trump supporters and QAnon conspiracy theorists was incited to lay siege to the U.S. Capitol. For those trying to draw meaning from the experience, might I suggest consulting the literary classic Moby Dick, which simultaneously holds clues about QAnon's origins and offers an apt allegory about a modern-day Captain Ahab and his ill-fated obsessions.
07 January 2021

Ransomware Victims' Data Published via DDoSecrets

Activists behind Distributed Denial of Secrets has shared 1TB of data pulled from Dark Web sites where it was shared by ransomware attackers.
07 January 2021

How the Shady Zero-Day Sales Game Is Evolving

How the Shady Zero-Day Sales Game Is Evolving Zero-day vulns are cold, while access-as-a-service is hot. Here's how black market (and gray market) deals go down.
07 January 2021

Fired Healthcare Exec Stalls Critical PPE Shipment for Months

Fired Healthcare Exec Stalls Critical PPE Shipment for Months A fired Stradis Healthcare employee sought revenge by tampering with shipping data for desperately needed healthcare PPE.
07 January 2021

Ryuk gang estimated to have made more than $150 million from ransomware attacks

Most of the Ryuk gang's "earnings" are being cashed out through accounts at crypto-exchanges Binance and Huobi.
07 January 2021

Threatpost Poll: Weigh in on Ransomware Security

Threatpost Poll: Weigh in on Ransomware Security Provide your views on ransomware and how to deal with it in our anonymous Threatpost poll.
07 January 2021