Cybersecurity News
Three million users installed 28 malicious Chrome or Edge extensions
Extensions could redirect users to ads, phishing sites, collect user data, or download malware on infected systems.FireEye Identifies Killswitch for SolarWinds Malware as Victims Scramble to Respond
White House National Security Council establishes unified group to coordinate response across federal agencies to the threat.Attackers Leverage IMAP to Infiltrate Email Accounts
Researchers believe cybercriminals are using a tool dubbed Email Appender to directly connect with compromised email accounts via IMAP.FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay
FBI says ransomware group has been calling victims, threatening to send individuals to their homes if they don't pay the ransom.New IRS Form Fraud Campaign Targets G Suite Users
At least 50,000 executives have been affected so far.US-CERT Reports 17,447 Vulnerabilities Recorded in 2020
This marks the fourth year in a row that a record number of vulnerabilities has been discovered, following 17,306 in 2019.Corporate Credentials for Sale on the Dark Web: How to Protect Employees and Data
It's past time to retire passwords in favor of other methods for authenticating users and securing systems.Why the Weakest Links Matter
The recent FireEye and SolarWinds compromises reinforce the fact that risks should be understood, controls should be in place, and care should be taken at every opportunity.Senior Managers Twice as Likely to Share Work Devices With Outsiders
New survey finds top C-suite managers are much shakier on security than their junior counterparts.
Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’
A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a "killswitch" designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor
In the past few months researchers have detected hundreds of attempted SystemBC deployments globally, as part of recent Ryuk and Egregor ransomware attacks.
Outing of FSB hit squad highlights Russia's data security problem
Analysis: trade in stolen data is a boon for investigators and a headache for Kremlin
In early 2019, the journalist Andrei Zakharov managed to buy his own phone and banking records in a groundbreaking investigation into Russia’s thriving markets in stolen personal data, in which law enforcement and telecoms employees can be contracted anonymously to dip into their systems and pull out sensitive details on anyone.
A year and a half later, investigators from Bellingcat and the Insider used some of the same tools and clever analysis to out a secret FSB team that had been tasked with killing Alexei Navalny using a novichok nerve agent.
Related: Russian FSB hit squad poisoned Alexei Navalny, report says
Related: 'We got really lucky': how novichok suspects' identities were revealed
Continue reading...The SolarWinds Perfect Storm: Default Password, Access Sales and More
Meanwhile, Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack.
Patching Still Poses Problems for Industrial Controllers, Networking Devices
More than 90% of devices that run the popular VxWorks embedded operating system remain vulnerable to critical flaws disclosed more than a year ago.Sextortionist Campaign Targets iOS, Android Users with New Spyware
Goontact lures users of illicit sites through Telegram and other secure messaging apps and steals their information for future fraudulent use.
Why Secure Email Gateways Rewrite Links (and Why They Shouldn't)
Redirecting a user to a trusted server buys a secure email gateway company some time while it decides whether a URL is malicious -- but there are avoidable drawbacks to this approach.
SSO and MFA Are Only Half Your Identity Governance Strategy
We need better ways to manage user identities for accessing applications, especially given the strain it places on overworked IT and security teams.FICO launches cryptocurrency trade risk solution for banks
The software will bring crypto risk assessment to KYC processes.Cybersecurity Advent calendar: Stay close to one another… Safely!
This year, many of us will be celebrating Christmas with our loved ones virtually, however we shouldn’t underestimate the value of securing our online communication.
The post Cybersecurity Advent calendar: Stay close to one another… Safely! appeared first on WeLiveSecurity
