Cybersecurity News


Microsoft: Big Cryptomining Attacks Hit Kubeflow

Microsoft: Big Cryptomining Attacks Hit Kubeflow Misconfigured dashboards are yet again at the heart of a widespread, ongoing cryptocurrency campaign squeezing Monero and Ethereum from Kubernetes clusters.
10 June 2021

11 Cybersecurity Vendors to Watch in 2021

11 Cybersecurity Vendors to Watch in 2021 The cybersecurity landscape continues to spawn new companies and attract new investments. Here is just a sampling of what the industry has to offer.
10 June 2021

Steam Gaming Platform Delivering Malware

Steam Gaming Platform Delivering Malware Emerging malware is lurking in Steam profile images.
10 June 2021

Google fixes actively exploited Chrome zero‑day

The latest Chrome update patches a bumper crop of security flaws across the browser’s desktop versions

The post Google fixes actively exploited Chrome zero‑day appeared first on WeLiveSecurity

10 June 2021

Cyber Is the New Cold War & AI Is the Arms Race

Continual cyberattacks have pushed us into a new kind of Cold War, with artificial intelligence the basis of this new arms race.
10 June 2021

JBS Paid $11M to REvil Gang Even After Restoring Operations

JBS Paid $11M to REvil Gang Even After Restoring Operations The decision to pay the ransom demanded by the cybercriminal group was to avoid any further issues or potential problems for its customers, according to the company’s CEO.
10 June 2021

This new hacking group has a nasty surprise for African, Middle East diplomats

The newly-discovered APT pulls no punches when it comes to cyberespionage.
10 June 2021

BackdoorDiplomacy: Upgrading from Quarian to Turian

ESET researchers discover a new campaign that evolved from the Quarian backdoor

The post BackdoorDiplomacy: Upgrading from Quarian to Turian appeared first on WeLiveSecurity

10 June 2021

Amazon data usage to feature in new UK antitrust probe: report

Reports suggest a formal investigation into potential merchant favoritism is planned.
10 June 2021

Required MFA Is Not Sufficient for Strong Security: Report

Attackers and red teams find multiple ways to bypass poorly deployed MFA in enterprise environments, underscoring how redundancy and good design are still required.
09 June 2021

What to Know About Updates to the PCI Secure Software Standard

What to Know About Updates to the PCI Secure Software Standard New requirements add 50 controls covering five control objectives. Here's a high-level look at each objective.
09 June 2021

RSA Spins Off Fraud & Risk Intelligence Unit

The new company, called Outseer, will continue to focus on payment authentication and fraud detection and analysis.
09 June 2021

CISA Addresses Rise in Ransomware Threatening OT Assets

The agency has released guidance in response to a rise of ransomware attacks affecting OT assets and control systems.
09 June 2021

New Security Event @Hack to Take Place in Saudi Arabia

The Saudi Federation of Cybersecurity, Programming, and Drones (SAFCSP) and Informa Tech will launch a multi-day event in Riyadh this November.
09 June 2021

Mysterious Custom Malware Collects Billions of Stolen Data Points

Mysterious Custom Malware Collects Billions of Stolen Data Points A nameless malware resulted in a huge data heist of files, credentials, cookies and more that researchers found collected into a cloud database.
09 June 2021

With Cloud, CDO and CISO Concerns Are Equally Important

With Cloud, CDO and CISO Concerns Are Equally Important Navigated properly, a melding of these complementary perspectives can help keep an organization more secure.
09 June 2021

Intel Plugs 29 Holes in CPUs, Bluetooth, Security

Intel Plugs 29 Holes in CPUs, Bluetooth, Security The higher-rated advisories focus on privilege-escalation bugs in CPU firmware: Tough to patch, hard to exploit, tempting to a savvy attacker.
09 June 2021

Hardening the Physical Security Supply Chain to Mitigate the Cyber-Risk

Nick Smith, Regional Manager at Genetec, details how physical security professionals can improve their resilience to cyberattacks by reviewing the cybersecurity policies of those they work with in the supply chain. This includes everyone from component vendors to installers and engineers.
09 June 2021

Ransomware Is Not the Problem

Arbitrarily powerful software -- applications, operating systems -- is a problem, as is preventing it from running on enterprise systems.
09 June 2021

DarkSide Pwned Colonial With Old VPN Password

DarkSide Pwned Colonial With Old VPN Password Attackers accessed a VPN account that was no longer in use to freeze the company’s network in a ransomware attack whose repercussions are still vibrating.
09 June 2021