Cybersecurity News


5 Key Steps Schools Can Take to Defend Against Cyber Threats

Educational institutions have become prime targets, but there are things they can do to stay safer.
25 February 2021

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

The Chinese hacking group used the malicious add-on to collect Gmail and Firefox data from their victims.
25 February 2021

Facebook ramps up fight against child abuse content

Two new tools will warn users about the risks of searching for and sharing content that exploits children, including the potential legal consequences of doing so

The post Facebook ramps up fight against child abuse content appeared first on WeLiveSecurity

25 February 2021

Health Website Leaks 8 Million COVID-19 Test Results

Health Website Leaks 8 Million COVID-19 Test Results A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.
25 February 2021

Malicious Mozilla Firefox Extension Allows Gmail Takeover

Malicious Mozilla Firefox Extension Allows Gmail Takeover The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data.
25 February 2021

How to Avoid Falling Victim to a SolarWinds-Style Attack

A multilayered, zero-trust security posture provides a better chance of fending off sophisticated supply chain attackers before it's too late.
25 February 2021

Cisco Warns of Critical Auth-Bypass Security Flaw

Cisco Warns of Critical Auth-Bypass Security Flaw Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
25 February 2021

This chart shows the connections between cybercrime groups

CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other.
25 February 2021

Cybercriminals Target QuickBooks Databases

Stolen financial files then get sold on the Dark Web, researchers say.
24 February 2021

New APT Group Targets Airline Industry & Immigration

LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.
24 February 2021

61% of Malware Delivered via Cloud Apps: Report

Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.
24 February 2021

Tax Season Ushers in Quickbooks Data-Theft Spike

Tax Season Ushers in Quickbooks Data-Theft Spike Quickbooks malware targets tax data for attackers to sell and use in phishing scams.
24 February 2021

More than 6,700 VMware servers exposed online and vulnerable to major new bug

Proof-of-concept exploit code has been published online earlier today, and active scans for vulnerable VMware systems have been detected already.
24 February 2021

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.
24 February 2021

Google Invests in Linux Kernel Developers to Focus on Security

Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.
24 February 2021

Kaseya Buys Managed SOC Provider

Purchase extends offerings for MSP and SMB customers
24 February 2021

The Realities of Extended Detection and Response (XDR) Technology

While the term XDR has become pervasive, the technology and market remain a work in progress with lots of innovation and market confusion.
24 February 2021

VMWare Patches Critical RCE Flaw in vCenter Server

VMWare Patches Critical RCE Flaw in vCenter Server The vulnerability, one of three patched by the company this week, could allow threat actors to breach the external perimeter of a data center or leverage backdoors already installed to take over a system.
24 February 2021

Universities Face Double Threat of Ransomware, Data Breaches

Lack of strong security policies put many schools at risk of compromise, disrupted services, and collateral damage.
24 February 2021

Google’s Password Checkup tool rolling out to Android devices

People who use devices running Android 9 or newer will be alerted if their login credentials have been stolen

The post Google’s Password Checkup tool rolling out to Android devices appeared first on WeLiveSecurity

24 February 2021