Cybersecurity News


Intel, Microsoft Aim for Breakthrough in DARPA Encryption Project

Together, the vendor giants aim to make "in use" encryption -- also known as "fully homomorphic encryption" -- economical and practical.
08 March 2021

Newest Intel Side-Channel Attack Sniffs Out Sensitive Data

Newest Intel Side-Channel Attack Sniffs Out Sensitive Data A new side-channel attack takes aim at Intel's CPU ring interconnect in order to glean sensitive data.
08 March 2021

Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices

Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices Researchers warn two critical bugs impacting multiple QNAP firmware versions are under active attack.
08 March 2021

The Edge Pro Tip: Proceed With Caution

The Edge Pro Tip: Proceed With Caution Security pros offer up their post-SolarWinds patch-management advice.
08 March 2021

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords A phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system.
08 March 2021

A Basic Timeline of the Exchange Mass-Hack

Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here's a brief timeline of what we know leading up to last week's mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program.
08 March 2021

Why Data Privacy Should Be on President Biden's Agenda for His First 100 Days

The new administration is in an excellent position to make significant progress on data privacy -- not just because it's needed, but also because it's time.
08 March 2021

Women in cybersecurity: Gender gap narrows but not enough

The number of women joining the ranks of cybersecurity practitioners is steadily increasing, but a lot still needs to be done to close the gap

The post Women in cybersecurity: Gender gap narrows but not enough appeared first on WeLiveSecurity

08 March 2021

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

SolarWinds servers are being exploited to deploy the malicious .NET web shell.
08 March 2021

Everything you need to know about Microsoft Exchange Server hack

Vulnerabilities are being exploited by Hafnium. Other cyberattackers are following suit.
08 March 2021

Going dark: Service disruptions at stock exchanges and brokerages

Are you a bull or a bear? If you can’t access your data and money, do your sentiments about the market still matter?

The post Going dark: Service disruptions at stock exchanges and brokerages appeared first on WeLiveSecurity

08 March 2021

Flagstar Bank customer data breached through Accellion hack

Like many other users, Flagstar Bank has now permanently stopped using the platform.
08 March 2021

Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool

A CISA alert has been issued to urge admins to check their systems as quickly as possible.
06 March 2021

Microsoft Exchange Server Exploits Hit Retail, Government, Education

Mandiant researchers identify a range of victims affected in attacks targeting newly reported Microsoft Exchange Server vulnerabilities.
05 March 2021

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

At least 30,000 organizations across the United States -- including a significant number of small businesses, towns, cities and local governments -- have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that's focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.
05 March 2021

U.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity Measures

U.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity Measures The lack of cybersecurity requirements in weapons contracts from the Department of Defense opens the door for dangerous cyberattacks.
05 March 2021

Microsoft Adopted an 'Aggressive' Strategy for Sharing SolarWinds Attack Intel

Rob Lefferts, corporate vice president for Microsoft 365 Security in Security and Compliance, explains the company's approach to keeping its customers and the industry apprised and updated on its findings from the now-infamous attack.
05 March 2021

WordPress Injection Anchors Widespread Malware Campaign

WordPress Injection Anchors Widespread Malware Campaign Website admins should patch all plugins, WordPress itself and back-end servers as soon as possible.
05 March 2021

5 Ways Social Engineers Crack Into Human Beings

5 Ways Social Engineers Crack Into Human Beings These common human traits are the basic ingredients in the con-man's recipe for trickery.
05 March 2021

Massive Supply-Chain Cyberattack Breaches Several Airlines

Massive Supply-Chain Cyberattack Breaches Several Airlines The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers.
05 March 2021