Cybersecurity News
SolarWinds defense: How to stop similar attacks
The Linux Foundation, which knows a thing or two about building secure software, has suggestions on how we can avoid SolarWinds type attacks in the future. It won't be easy. But it must be done.14 January 2021
Florida Ethics Officer Charged with Cyberstalking
Judge bars former Tallahassee city ethics officer from internet-connected devices after her arrest for cyberstalking.14 January 2021
Telegram Bots at Heart of Classiscam Scam-as-a-Service
The cybercriminal service has scammed victims out of $6.5 million and continues to spread on Telegram.14 January 2021
Cloud Attacks Are Bypassing MFA, Feds Warn
CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted.14 January 2021
Cisco says it won't patch 74 security bugs in older RV routers that reached EOL
Cisco advises RV110W, RV130, RV130W, and RV215W device owners to migrate to newer gear.14 January 2021
CES 2021: Car spying – your insurance company is watching you
Your ‘networked computer on wheels’ has a privacy problem – and you may not be in the driver’s seat when it comes to your data
The post CES 2021: Car spying – your insurance company is watching you appeared first on WeLiveSecurity
14 January 2021
Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?
It's a question that continues to engage debate, as the majority of new physical security devices being installed are now connected to a network. While this offers myriad benefits, it also raises the question: Who is responsible for their cybersecurity?14 January 2021
Vulnerability Management Has a Data Problem
Security teams have an abundance of data, but most of it lacks the context necessary to improve remediation outcomes.14 January 2021
Apple removes feature that allowed its apps to bypass macOS firewalls and VPNs
The ContentFilterExclusionList has been removed in macOS 11.2 beta 2.14 January 2021
Trump ban: No ‘moment for celebration’ in the eyes of Twitter chief
Analysis: Twitter CEO Jack Dorsey has highlighted how enmeshed private companies, politics, and public safety have become.14 January 2021
Ring Adds End-to-End Encryption to Quell Security Uproar
The optional feature was released free to users in a technical preview this week, adding a new layer of security to service, which has been plagued by privacy concerns.14 January 2021
Scam-as-a-Service operation made more than $6.5 million in 2020
"Classiscam" operation is made up of around 40 groups operating in the US and across several European countries.14 January 2021
Ring trials customer video end-to-end encryption for smart doorbells
The security feature will be opt-in for users that want to encrypt their video feeds.14 January 2021
Hackers leak stolen COVID‑19 vaccine documents
The documents related to COVID-19 vaccine and medications were stolen from the EU's medicines agency last month
The post Hackers leak stolen COVID‑19 vaccine documents appeared first on WeLiveSecurity
13 January 2021
TikTok Takes Teen Accounts Private
The company announced accounts for ages 13-15 will default to privacy setting, among other safety measures.13 January 2021
SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns
Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.13 January 2021
High-Severity Cisco Flaw Found in CMX Software For Retailers
Cisco fixed high-severity flaws tied to 67 CVEs overall, including ones found inits AnyConnect Secure Mobility Client and in its RV110W, RV130, RV130W, and RV215W small business routers.13 January 2021
Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover
Two security vulnerabilities -- one a privilege-escalation problem and the other a stored XSS bug -- afflict a WordPress plugin with 40,000 installs.13 January 2021
Iranian cyberspies behind major Christmas SMS spear-phishing campaign
Iranian hackers managed to successfully hide URLs to phishing sites behind legitimate google.com links.13 January 2021
Huntress Acquires EDR Technology From Level Effect
Huntress seeks to improve its detection and response capabilities with a more comprehensive view of endpoint security.13 January 2021