Cybersecurity News


Week in security with Tony Anscombe

Supply‑chain attack against a certification authority in Southeast Asia. Holiday online… Safely! Scammers targeting PayPal users. Week in security with Tony Anscombe

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

18 December 2020

Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies

Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies The ongoing, growing campaign is “effectively an attack on the United States and its government and other critical institutions,” Microsoft warned.
18 December 2020

Cyberpunk 2077 Headaches Grow: New Spyware Found in Fake Android Download

Cyberpunk 2077 Headaches Grow: New Spyware Found in Fake Android Download Threat actors impersonate Google Play store in scam as Sony pulls the game off the PlayStation store due to myriad performance issues.
18 December 2020

Insider Threats: What Are They, Really?

Insider Threats: What Are They, Really? "Insider threat" or "human error" shows up a lot as the major cause of data breaches across all types of reports out there. But often it's not defined, or it's not clearly defined, so people conjure up their own definition.
18 December 2020

5 Key Takeaways from the SolarWinds Breach

5 Key Takeaways from the SolarWinds Breach New details continue to emerge each day, and there may be many more lessons to learn from what could be among the largest cyberattacks ever.
18 December 2020

2021 Cybersecurity Predictions: The Intergalactic Battle Begins

There's much in store for the future of cybersecurity, and the most interesting things aren't happening on Earth.
18 December 2020

NSA warns of federated login abuse for local-to-cloud attacks

The US National Security Agency describes two techniques abused in recent attacks for escalating attacks from local networks to cloud infrastructure.
18 December 2020

Microsoft says it identified 40+ victims of the SolarWinds hack

Microsoft says 80% of the victims it identified were located in the United States.
17 December 2020

Microsoft was also breached in recent SolarWinds supply chain hack, report

Report claims that after hackers breached Microsoft, they used Microsoft's own products to attack other companies.
17 December 2020

Malicious Browser Extensions for Social Media Infect Millions of Systems

At least 28 third-party add-ons for top social media sites, including Facebook and Vimeo, redirect users to phishing sites and steal data.
17 December 2020

How to Increase Your Security Posture with Fewer Resources

How to Increase Your Security Posture with Fewer Resources Plixer's Justin Jett, Compliance & Audit director, discusses how to do more with less when your security resources are thin.
17 December 2020

Nuclear Weapons Agency Hacked in Widening Cyberattack – Report

Nuclear Weapons Agency Hacked in Widening Cyberattack – Report Sources said the DoE suffered "damage" in the attack, which also likely extends beyond the initially known SolarWinds Orion attack vector.
17 December 2020

'SocGholish' Attack Framework Powers Surge in Drive-By Attacks

Menlo Labs research team says framework's social engineering toolkit helps criminals impersonate software updates.
17 December 2020

5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack

5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin.
17 December 2020

XDR 101: What's the Big Deal About Extended Detection & Response?

XDR 101: What's the Big Deal About Extended Detection & Response? Extended Detection and Response (XDR) could be the security management technology of your dreams...or not. What makes this technical 'evolution' so interesting to so many companies?
17 December 2020

XDR 101: What's the Big Deal About Extended Detection & Response?

XDR 101: What's the Big Deal About Extended Detection & Response? Extended Detection and Response (XDR) could be the security management technology of your dreams...or not. What makes this technical 'evolution' so interesting to so many companies?
17 December 2020

Police Vouch for Hacker Who Guessed Trump’s Twitter Password

Police Vouch for Hacker Who Guessed Trump’s Twitter Password No charges for Dutch ethical hacker Victor Gevers who prosecutors say did actually access Trump’s Twitter account by guessing his password, “MAGA2020!” last October.
17 December 2020

Air-Gap Attack Turns Memory Modules into Wi-Fi Radios

Air-Gap Attack Turns Memory Modules into Wi-Fi Radios Attack turns SDRAM buses into a Wi-Fi radio to leak data from air-gapped computers.
17 December 2020

RubyGems Packages Laced with Bitcoin-Stealing Malware

RubyGems Packages Laced with Bitcoin-Stealing Malware Two malicious software building blocks that could be baked into web applications prey on unsuspecting users.
17 December 2020

CISA: SolarWinds Not the Only Initial Attack Vector in Massive Breach

Agency says it has "evidence of additional initial access vectors" besides SolarWinds' Orion software.
17 December 2020