Cybersecurity News
Identity Theft Spikes Due to COVID-19 Relief
Cases reported to the FTC doubled last year as cybercriminals took advantage of increased filing for government relief benefits due to the pandemic.
02 February 2021
Agent Tesla ramps up its game in bypassing security walls, attacks endpoint protection
The malware now attempts to disable Microsoft antivirus protection.02 February 2021
Interview With a Russian Cybercriminal
A LockBit ransomware operator shares why he became involved in cybercrime, how he chooses victims, and what's in his toolbox.02 February 2021
This Linux malware is hijacking supercomputers across the globe
Kobalos’ codebase is tiny, but its impact is not.02 February 2021
Kobalos – A complex Linux threat to high performance computing infrastructure
ESET researchers publish a white paper about unique multiplatform malware they’ve named Kobalos
The post Kobalos – A complex Linux threat to high performance computing infrastructure appeared first on WeLiveSecurity
02 February 2021
Ransomware gangs are abusing VMWare ESXi exploits to encrypt virtual hard disks
Two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, reported as abused in the wild.02 February 2021
Data on 1.4 Million Washington State Residents Breached
Unemployment data exposed via third-party software attack.01 February 2021
Wind River Security Incident Affects SSNs, Passport Numbers
Wind River Systems is warning of a 'security incident' after one or more files was downloaded from its network.
01 February 2021
Hezbollah-Linked Lebanese Cedar APT Infiltrates Hundreds of Servers
Enhanced Explosive RAT and Caterpillar tools are at the forefront of a global espionage campaign.
01 February 2021
SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat
Congress is demanding the National Security Agency come clean on what it knows about the 2015 supply-chain attack against Juniper Networks.
01 February 2021
Increase in Physical Security Incidents Adds to IT Security Pressures
A new study shows that many organizations have changed their physical security strategies to address new concerns since the COVID-19 outbreak.01 February 2021
Edge Poll: Hook, Line, and Sinker
How confident are you in your security team's ability to protect your organization from phishing?01 February 2021
Name That Edge Toon: Be Careful Who You Trust
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
01 February 2021
US Needs Comprehensive Policy to Combat China on IP Theft
The United States cannot lose sight of Chinese cyber operations that target intellectual property, a panel of experts says.01 February 2021
New Trickbot module uses Masscan for local network reconnaissance
The new Trickbot module is used to scan local networks for other nearby systems with open ports that could be hacked for quick lateral movement inside a company.01 February 2021
Critical Libgcrypt Crypto Bug Opens Machines to Arbitrary Code
The flaw in the free-source library could have been ported to multiple applications.
01 February 2021
Alleged Gaming Software Supply-Chain Attack Installs Spyware
Researchers allege that software used for downloading Android apps onto PCs and Macs has been compromised to install malware onto victim devices.
01 February 2021
Rapid7 Acquires Alcide, Strengthens Focus on Cloud
Its $50 million purchase of Alcide, a Kubernetes security provider, follows its 2020 acquisition of cloud security vendor DivvyCloud.01 February 2021
U.K. Arrest in ‘SMS Bandits’ Phishing Service
Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. The service, marketed in the underground under the name "SMS Bandits," has been responsible for blasting out huge volumes of phishing lures spoofing everything from COVID-19 pandemic relief efforts to PayPal, telecommunications providers and tax revenue agencies.01 February 2021