Cybersecurity News


VMware Rolls a Fix for Formerly Critical Zero-Day Bug

VMware Rolls a Fix for Formerly Critical Zero-Day Bug VMware has issued a full patch and revised the severity level of the NSA-reported vulnerability to "important."
04 December 2020

Flash Dies but Warning Signs Persist: A Eulogy for Tech's Terrible Security Precedent

Flash will be gone by the end of the year, but the ecosystem that allowed it to become a software security serial killer is ready to let it happen again.
04 December 2020

IRS to Make ID Protection PIN Open to All

The U.S. Internal Revenue Service (IRS) said this week that beginning in 2021 it will allow all taxpayers to apply for an identity protection personal identification number (IP PIN), a single-use code designed to block identity thieves from falsely claiming a tax refund in your name. Currently, IP PINs are issued only to those who fill out an ID theft affidavit, or to taxpayers who've experienced tax refund fraud in previous years.
04 December 2020

Vancouver Metro Disrupted by Egregor Ransomware

Vancouver Metro Disrupted by Egregor Ransomware The attack, which prevented Translink users from using their metro cards or buying tickets at kiosks, is the second from the prolific threat group just this week.
04 December 2020

Cybersecurity Advent Calendar: Let Santa in, keep hackers out!

Santa will soon come down the chimney, but there are potential entry points into your home and digital life that you should never leave open

The post Cybersecurity Advent Calendar: Let Santa in, keep hackers out! appeared first on WeLiveSecurity

04 December 2020

Ransomware attack cripples Vancouver public transportation agency

TransLink customers left unable to use the agency's public ticketing kiosks and cards for two days.
04 December 2020

Assessing Cybersecurity Risk in Today's Enterprises

Assessing Cybersecurity Risk in Today's Enterprises COVID-19 has created a new IT paradigm in the enterprise - and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
04 December 2020

Edward Snowden asks Trump to pardon Wikileaks founder Julian Assange

Snowden claims the pardon would save Assange's life.
03 December 2020

Potential Nation-State Actor Targets COVID-19 Vaccine Supply Chain

Companies involved in technologies for keeping vaccines cold enough for safe storage and transportation are being targeted in a sophisticated spear-phishing campaign, IBM says.
03 December 2020

TrickBot's New Tactic Threatens Firmware

A newly discovered module checks machines for flaws in the UEFI/BIOS firmware so malware can evade detection and persist on a device.
03 December 2020

Researchers Discover New Obfuscation-As-a-Service Platform

Researchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.
03 December 2020

Kmart, Latest Victim of Egregor Ransomware – Report

Kmart, Latest Victim of Egregor Ransomware – Report The struggling retailer's back-end services have been impacted, according to a report, just in time for the holidays.
03 December 2020

Common Container Manager Is Vulnerable to Dangerous Exploit

Container manager vulnerability is one of several weaknesses and vulnerabilities recently disclosed for Docker.
03 December 2020

Cloud Security Threats for 2021

Most of these issues can be remediated, but many users and administrators don't find out about them until it's too late.
03 December 2020

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions A new "TrickBoot" module scans for vulnerable firmware and has the ability to read, write and erase it on devices.
03 December 2020

Dell announces new protections for its PC and server supply chain

Dell to start using tamper-evident seals during physical transport and provide a software reset feature to wipe hard-drives before customer deployment.
03 December 2020

US Officials Take Action Against 2,300 Money Mules

Eight federal law enforcement agencies participated in the Money Mule Initiative, a global crackdown on money laundering.
03 December 2020

iPhone hack allowed device takeover via Wi‑Fi

Using a zero-click exploit, an attacker could have taken complete control of any iPhone within Wi-Fi range in seconds

The post iPhone hack allowed device takeover via Wi‑Fi appeared first on WeLiveSecurity

03 December 2020

Researchers Bypass Next-Generation Endpoint Protection

Machine learning-based products can be tricked to classify malware as a legitimate file, new findings show.
03 December 2020

DeathStalker APT Spices Things Up with PowerPepper Malware

DeathStalker APT Spices Things Up with PowerPepper Malware A raft of obfuscation techniques turn the heat up for the hacking-for-hire operation.
03 December 2020