Cybersecurity News
Pornhub suspends over 10 million videos to eradicate illegal content
Roughly 13.5 million videos hosted on Pornhub are now reduced to only 2.9 million.15 December 2020
18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack
Nation-state attackers used poisoned SolarWinds network management software updates to distribute malware; US government orders federal civilian agencies to immediately power down the technology.14 December 2020
Spotify Changes Passwords After Another Data Breach

14 December 2020
Ex-Cisco Employee Convicted for Deleting 16K Webex Accounts

14 December 2020
DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report

14 December 2020
Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails

14 December 2020
2021 Security Budgets: Top Priorities, New Realities

14 December 2020
SEC filings: SolarWinds says 18,000 customers were impacted by recent hack
In SEC documents filed today, SolarWinds said it notified 33,000 customers of its recent hack, but that only 18,000 used a trojanized version of its Orion platform.14 December 2020
New Windows Trojan Steals Browser Credentials, Outlook Files

14 December 2020
U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise
Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company's customer base, experts say the incident may be just the first of many such disclosures.14 December 2020
Startups Should Do Things That Don't Scale, but Security Isn't One of Them
Emerging businesses that don't embrace scalable security do so at their own peril.14 December 2020
How scammers target PayPal users and how you can stay safe
What are some common ploys targeting PayPal users? Here’s what you should watch out for when using the popular payment service.
The post How scammers target PayPal users and how you can stay safe appeared first on WeLiveSecurity
14 December 2020
Microsoft, FireEye confirm SolarWinds supply chain attack
Known victims so far include the US Treasury, the US NTIA, and FireEye itself.13 December 2020
FireEye confirms SolarWinds supply chain attack
Known victims so far include the US Treasury, the US NTIA, and FireEye itself.13 December 2020
PgMiner botnet attacks weakly secured PostgreSQL databases
Only PostgreSQL databases running on Linux servers have been attacked so far.13 December 2020
FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning
Ransomware attacks reported against US K-12 schools jumped from 28% in January through July to 57% in August and September.11 December 2020
Security Issues in PoS Terminals Open Consumers to Fraud

11 December 2020
Adrozek Malware Delivers Fake Ads to 30K Devices a Day

11 December 2020
Zero-day in WordPress SMTP plugin abused to reset admin account passwords
A patch has been released earlier this week but many WordPress sites remained unpatched —as usual.11 December 2020
Week in security with Tony Anscombe
ESET researchers discovered that chat software called Able Desktop, part of a business management suite popular in Mongolia was used to deliver the HyperBro backdoor (commonly used by LuckyMouse), the Korplug RAT , and a RAT called Tmanger. A Q&A with security researcher Alejandro Hernández, who has unearthed a long list of vulnerabilities in leading online trading platforms that may expose their users to a host of security and privacy
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
11 December 2020