Cybersecurity News


Four security vendors disclose SolarWinds-related incidents

Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed this week they were also targeted during the SolarWinds supply chain attack.
26 January 2021

Cartoon Caption Winner: Before I Go ...

Cartoon Caption Winner: Before I Go ... And the winner of The Edge's January cartoon caption contest is ...
26 January 2021

Fighting the Rapid Rise of Cyber Warfare in a Changing World

Global cyber warfare is a grim reality, but strong public-private relationships and security frameworks can safeguard people, institutions, and businesses.
26 January 2021

Criminal, Domestic Violence Case Info Exposed in Cook County Leak

Criminal, Domestic Violence Case Info Exposed in Cook County Leak Cook County, Ill., home to Chicago, has left a database exposed since at least September that contained sensitive criminal and family-court records.
26 January 2021

Nefilim Ransomware Gang Hits Jackpot with Ghost Account

Nefilim Ransomware Gang Hits Jackpot with Ghost Account An unmonitored account belonging to a deceased employee allowed Nefilim to exfiltrate data and infiltrate systems for a month, without being noticed.
26 January 2021

Firefox 85 removes Flash and adds protection against supercookies

Firefox now joins Chrome and Edge, both of which removed support for Flash earlier this month.
26 January 2021

Wormable Android malware spreads via WhatsApp messages

“Download This application and Win Mobile Phone”, reads the message attempting to trick users into downloading a fake Huawei app

The post Wormable Android malware spreads via WhatsApp messages appeared first on WeLiveSecurity

26 January 2021

South African government releases its own browser just to re-enable Flash support

For some people, it's apparently easier to manage your own browser than port some web forms from Flash to HTML.
26 January 2021

Learn SAML: The Language You Don't Know You're Already Speaking

Learn SAML: The Language You Don't Know You're Already Speaking Security Assertion Markup Language, a protocol most people use daily to log into applications, makes authentication easier for both admins and users. Here's what you need to know about SAML (and what it has to do with 'GoldenSAML').
26 January 2021

Mainframe Security Automation Is Not a Luxury

As cyber threats grow, even the most securable platform is vulnerable and requires adaptive autonomous protection.
26 January 2021

North Korea Targets Security Researchers in Elaborate 0-Day Campaign

North Korea Targets Security Researchers in Elaborate 0-Day Campaign Hackers masquerade as security researchers to befriend analysts and eventually infect fully patched systems at multiple firms with a malicious backdoor.
26 January 2021

Startup Offers Free Version of its 'Passwordless' Technology

Beyond Identity co-founders hope to move the needle in eliminating the need for passwords, but experts say killing passwords altogether won't be easy.
26 January 2021

Cybercriminals use deceased staff accounts to spread Nemty ransomware

Researchers explore how ‘ghost’ accounts can become targets for threat actors.
26 January 2021

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks A security flaw in TikTok could have allowed attackers to query query the platform's database – potentially opening up for privacy violations.
26 January 2021

Google: North Korean hackers have targeted security researchers via social media

Google TAG warns security researchers to be on the lookout when approached by unknown individuals on social media.
25 January 2021

Critical Vulns Discovered in Vendor Implementations of Key OT Protocol

Flaws allow denial-of-service attacks and other malicious activity, Claroty says.
25 January 2021

Claroty Discloses Multiple Critical Vulns in Vendor Implementations of Key OT Protocol

Flaws allow denial-of-service attacks and other malicious activity, vendor says.
25 January 2021

SonicWall Is Latest Security Vendor to Disclose Cyberattack

The network security firm is investigating a coordinated campaign in which attackers exploited vulnerabilities in SonicWall's products.
25 January 2021

Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’

Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’ Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black, talks about the top security challenges facing the US government as a new presidential administration steps in.
25 January 2021

Deloitte & Touche Buys Threat-Hunting Firm

Root9B (R9B) offers threat hunting and other managed security services.
25 January 2021