Cybersecurity News
Operation Spalax: Targeted malware attacks in Colombia
ESET researchers uncover attacks targeting Colombian government institutions and private companies, especially from the energy and metallurgical industries
The post Operation Spalax: Targeted malware attacks in Colombia appeared first on WeLiveSecurity
Colombian energy, metal firms under fire in new Trojan attack wave
Threat actors have selected three different Trojans to conduct cyberespionage.Facebook targets “stop the steal” content ahead of Inauguration Day
Facebook is ramping up content moderation efforts with “new urgency.”Third malware strain discovered in SolarWinds supply chain attack
CrowdStrike, one of the two security firms formally investigating the hack, sheds some light on how hackers compromised the SolarWinds Orion app build process.Intel's New vPro Processors Aim to Help Defend Against Ransomware
The newest Intel Core vPro mobile platform gives PC hardware a direct role in detecting ransomware attacks.IoT Vendor Ubiquiti Suffers Data Breach
Cloud provider hosting "certain" IT systems attacked, company says.Aliens and UFOs: A Final Frontier for Social Engineers

Millions of Social Profiles Leaked by Chinese Data-Scrapers

Ubiquiti: Change Your Password, Enable 2FA
Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear.Ubiquiti tells customers to change passwords after security breach
Data for UI.com accounts was accessed in mysterious data breach.CES 2021: Intel adds ransomware detection capabilities at the silicon level
Intel 11th Gen Intel Core vPro CPUs with support for the Hardware Shield and TDT features will be able to detect ransomware attacks at the hardware level, many layers below antivirus software.Researcher Builds Parler Archive Amid Amazon Suspension

SolarWinds Hack Lessons Learned: Finding the Next Supply Chain Attack
The SolarWinds supply chain compromise won't be the last of its kind. Vendors and enterprises alike must learn and refine their detection efforts to find the next such attack.US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
How two traditionally disparate security disciplines can be united.Microsoft Sysmon adds support for detecting Process Herpaderping attacks
Sysmon 13.00, released today, can detect both Process Hollowing and Process Herpaderping attacks, giving system administrators an edge in detecting and debugging malware attacks.New Tool Sheds Light on AppleScript-Obfuscated Malware
The AEVT decompiler helped researchers analyze a cryptominer campaign that used AppleScript for obfuscation and will help reverse engineers focused on other Mac OS malware.SolarWinds Hack Potentially Linked to Turla APT

Free decrypter released for victims of Darkside ransomware
A new tool released today by Romanian security firm Bitdefender allows victims of the Darkside ransomware to recover their files without paying the ransom demand.When It Comes To Security Tools, More Isn't More
Organizations that focus on optimizing their tools, cutting down on tool sprawl, and taking a strategic approach to transitioning to the cloud are poised for success.Global cyber-espionage campaign linked to Russian spying tools

Kaspersky investigators uncover evidence that may support US claims Moscow was behind attack
A Moscow-based cybersecurity company has reported that some of the malicious code employed against the US government in a cyber-attack last month overlaps with code previously used by suspected Russian hackers.
The findings by Kaspersky investigators may provide the first public evidence to support accusations from Washington that Moscow was behind the biggest cyber-raid against the government in years, affecting 18,000 users of software produced by SolarWinds, including US government agencies.
Related: What you need to know about the biggest hack of the US government in years
Continue reading...