Cybersecurity News
Intel Doubles Down on Emerging Technologies for Sharing and Using Data Securely
Homomorphic encryption and federated learning could allow groups to share data and analysis while protecting the actual information.04 December 2020
VMware Rolls a Fix for Formerly Critical Zero-Day Bug
VMware has issued a full patch and revised the severity level of the NSA-reported vulnerability to "important."
04 December 2020
Flash Dies but Warning Signs Persist: A Eulogy for Tech's Terrible Security Precedent
Flash will be gone by the end of the year, but the ecosystem that allowed it to become a software security serial killer is ready to let it happen again.04 December 2020
IRS to Make ID Protection PIN Open to All
The U.S. Internal Revenue Service (IRS) said this week that beginning in 2021 it will allow all taxpayers to apply for an identity protection personal identification number (IP PIN), a single-use code designed to block identity thieves from falsely claiming a tax refund in your name. Currently, IP PINs are issued only to those who fill out an ID theft affidavit, or to taxpayers who've experienced tax refund fraud in previous years.04 December 2020
Vancouver Metro Disrupted by Egregor Ransomware
The attack, which prevented Translink users from using their metro cards or buying tickets at kiosks, is the second from the prolific threat group just this week.
04 December 2020
Cybersecurity Advent Calendar: Let Santa in, keep hackers out!
Santa will soon come down the chimney, but there are potential entry points into your home and digital life that you should never leave open
The post Cybersecurity Advent Calendar: Let Santa in, keep hackers out! appeared first on WeLiveSecurity
04 December 2020
Ransomware attack cripples Vancouver public transportation agency
TransLink customers left unable to use the agency's public ticketing kiosks and cards for two days.04 December 2020
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise - and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
04 December 2020
Edward Snowden asks Trump to pardon Wikileaks founder Julian Assange
Snowden claims the pardon would save Assange's life.03 December 2020
Potential Nation-State Actor Targets COVID-19 Vaccine Supply Chain
Companies involved in technologies for keeping vaccines cold enough for safe storage and transportation are being targeted in a sophisticated spear-phishing campaign, IBM says.03 December 2020
TrickBot's New Tactic Threatens Firmware
A newly discovered module checks machines for flaws in the UEFI/BIOS firmware so malware can evade detection and persist on a device.03 December 2020
Researchers Discover New Obfuscation-As-a-Service Platform
Researchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.03 December 2020
Kmart, Latest Victim of Egregor Ransomware – Report
The struggling retailer's back-end services have been impacted, according to a report, just in time for the holidays.
03 December 2020
Common Container Manager Is Vulnerable to Dangerous Exploit
Container manager vulnerability is one of several weaknesses and vulnerabilities recently disclosed for Docker.03 December 2020
Cloud Security Threats for 2021
Most of these issues can be remediated, but many users and administrators don't find out about them until it's too late.03 December 2020
TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions
A new "TrickBoot" module scans for vulnerable firmware and has the ability to read, write and erase it on devices.
03 December 2020
Dell announces new protections for its PC and server supply chain
Dell to start using tamper-evident seals during physical transport and provide a software reset feature to wipe hard-drives before customer deployment.03 December 2020
US Officials Take Action Against 2,300 Money Mules
Eight federal law enforcement agencies participated in the Money Mule Initiative, a global crackdown on money laundering.03 December 2020
iPhone hack allowed device takeover via Wi‑Fi
Using a zero-click exploit, an attacker could have taken complete control of any iPhone within Wi-Fi range in seconds
The post iPhone hack allowed device takeover via Wi‑Fi appeared first on WeLiveSecurity
03 December 2020
Researchers Bypass Next-Generation Endpoint Protection
Machine learning-based products can be tricked to classify malware as a legitimate file, new findings show.03 December 2020