Cybersecurity News


SolarWinds said no other products were compromised in recent hack

SolarWinds has released today updates that "replaces the compromised component" in its Orion platform.
15 December 2020

Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow

After only showing detection alerts, Microsoft moves to block trojanized SolarWinds apps from running, opening the door for some IT issues for some of its customers.
15 December 2020

Concerns Run High as More Details of SolarWinds Hack Emerge

Enterprises running company's Orion network management software should assume compromise and respond accordingly, security experts say.
15 December 2020

Twitter Fined in Irish GDPR Action

The $547K fine results from an issue Twitter reported in 2019.
15 December 2020

Subway Sandwich Loyalty-Card Users Suffer Ham-Handed Phishing Scam

Subway Sandwich Loyalty-Card Users Suffer Ham-Handed Phishing Scam Subway loyalty program members in U.K. and Ireland have been sent scam emails to trick them into downloading malware.
15 December 2020

Easy WP SMTP Security Bug Can Reveal Admin Credentials

Easy WP SMTP Security Bug Can Reveal Admin Credentials A poorly configured file opens users up to site takeover.
15 December 2020

Gitpaste-12 Worm Widens Set of Exploits in New Attacks

Gitpaste-12 Worm Widens Set of Exploits in New Attacks The worm returned in recent attacks against web applications, IP cameras and routers.
15 December 2020

Firefox Patches Critical Mystery Bug, Also Impacting Google Chrome

Firefox Patches Critical Mystery Bug, Also Impacting Google Chrome Mozilla Foundation releases Firefox 84 browser, fixing several flaws and delivering performance gains and Apple processor support.
15 December 2020

Medical Imaging Leaks Highlight Unhealthy Security Practices

More than 45 million unique images, such as X-rays and MRI scans, are accessible to anyone on the Internet, security firm says.
15 December 2020

Microsoft and industry partners seize key domain used in SolarWinds hack

By seizing the domain, Microsoft and its partners hope to identify all victims, but are also preventing attackers from escalating intrusions in currently infected networks.
15 December 2020

Medical scans of millions of patients exposed online

Other leaked data included a range of personal information such as names, addresses and personal healthcare information.

The post Medical scans of millions of patients exposed online appeared first on WeLiveSecurity

15 December 2020

45M Medical Imaging Files Left Accessible Online

A range of medical images, including X-rays and CT scans, were exposed on more than 2,140 unprotected servers, researchers report.
15 December 2020

Nowhere to Hide: Don't Let Your Guard Down This Holiday Season

Nowhere to Hide: Don't Let Your Guard Down This Holiday Season Harden your defenses to ensure that your holiday downtime doesn't become an open door for cyber threats.
15 December 2020

SolarWinds Hack Could Affect 18K Customers

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by the intruders to control infected systems.
15 December 2020

45 Million Medical Images Left Exposed Online

45 Million Medical Images Left Exposed Online A six-month investigation by CybelAngel discovered unsecured sensitive patient data available for third parties to access for blackmail, fraud or other nefarious purposes.
15 December 2020

Agent Tesla Keylogger Gets Data Theft and Targeting Update

Agent Tesla Keylogger Gets Data Theft and Targeting Update The infamous keylogger has shifted its targeting tactics and now collects stored credentials for less-popular web browsers and email clients.
15 December 2020

Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure

Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure Industrial, factory and medical gear remain largely unpatched when it comes to the URGENT/11 and CDPwn groups of vulnerabilities.
15 December 2020

The Private Sector Needs a Cybersecurity Transformation

Cybersecurity must get to the point where it's equated with actually stopping an attack by identifying the methods the bad guys use and taking those methods away.
15 December 2020

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares From ransomware attacks that crippled hospitals, to espionage attacks targeting COVID-19 vaccine supply chain, Beau Woods discusses the top healthcare security risks.
15 December 2020

Academics turn RAM into WiFi cards to steal data from air-gapped systems

AIR-FI technique can send stolen data at speeds of up to 100 b/s to WiFi receivers at a distance of a few meters.
15 December 2020