Cybersecurity News
Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking

08 January 2021
New side-channel attack can recover encryption keys from Google Titan security keys
Attack requires physical access to the devices but Titan and other keys can be cloned if attacks are successful.07 January 2021
Sealed U.S. Court Records Exposed in SolarWinds Breach
The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts.07 January 2021
Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020
Research reveals APT groups and cybercriminals employ these offensive security tools as often as red teams.07 January 2021
FireEye's Mandia: 'Severity-Zero Alert' Led to Discovery of SolarWinds Attack
CEO Kevin Mandia shared some details on how his company rooted out the major cyberattack campaign affecting US government and corporate networks.07 January 2021
Biden to Appoint Cybersecurity Advisor to NSC – Report

07 January 2021
State Dept. to Create New Cybersecurity & Technology Agency
Bureau of Cyberspace Security and Emerging Technologies (CSET) will serve as diplomatic arm for US cybersecurity interests.07 January 2021
Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws

07 January 2021
Even Small Nations Have Jumped into the Cyber Espionage Game
While the media tends to focus on the Big 5 nation-state cyber powers, commercial spyware has given smaller countries sophisticated capabilities, as demonstrated by a "zero-click" iMessage exploit that targeted journalists last year.07 January 2021
All Aboard the Pequod!
Like countless others, I frittered away the better part of Jan. 6 doomscrolling and watching television coverage of the horrifying events unfolding in our nation's capital, where a mob of President Trump supporters and QAnon conspiracy theorists was incited to lay siege to the U.S. Capitol. For those trying to draw meaning from the experience, might I suggest consulting the literary classic Moby Dick, which simultaneously holds clues about QAnon's origins and offers an apt allegory about a modern-day Captain Ahab and his ill-fated obsessions.07 January 2021
Ransomware Victims' Data Published via DDoSecrets
Activists behind Distributed Denial of Secrets has shared 1TB of data pulled from Dark Web sites where it was shared by ransomware attackers.07 January 2021
How the Shady Zero-Day Sales Game Is Evolving

07 January 2021
Fired Healthcare Exec Stalls Critical PPE Shipment for Months

07 January 2021
Ryuk gang estimated to have made more than $150 million from ransomware attacks
Most of the Ryuk gang's "earnings" are being cashed out through accounts at crypto-exchanges Binance and Huobi.07 January 2021
Threatpost Poll: Weigh in on Ransomware Security

07 January 2021
WhatsApp updates privacy policy to enable sharing more data with Facebook
Many users have until February 8 to accept the new rules – or else lose access to the app
The post WhatsApp updates privacy policy to enable sharing more data with Facebook appeared first on WeLiveSecurity
07 January 2021
New Year, New Ransomware: Babuk Locker Targets Large Corporations

07 January 2021
Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020
Security firm Recorded Future said it tracked more than 10,000 malware command and control servers last year, used across more than 80 malware families.07 January 2021
The 3 Most Common Types of BEC Attacks (And What You Can Do About Them)
Always be skeptical and double check credentials.07 January 2021
Facebook’s Mandatory Data-Sharing Rules for WhatsApp Spark Ire

07 January 2021