Cybersecurity News


Microsoft Releases Free Tool for Hunting SolarWinds Malware

Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.
25 February 2021

North Korea's Lazarus Group Expands to Stealing Defense Secrets

Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.
25 February 2021

Ransomware, Phishing Will Remain Primary Risks in 2021

Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.
25 February 2021

Cyberattacks Launch Against Vietnamese Human-Rights Activists

Cyberattacks Launch Against Vietnamese Human-Rights Activists Vietnam joins the ranks of governments using spyware to crack down on human-rights defenders.
25 February 2021

Thousands of VMware Servers Exposed to Critical RCE Bug

Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.
25 February 2021

5 Key Steps Schools Can Take to Defend Against Cyber Threats

Educational institutions have become prime targets, but there are things they can do to stay safer.
25 February 2021

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

The Chinese hacking group used the malicious add-on to collect Gmail and Firefox data from their victims.
25 February 2021

Facebook ramps up fight against child abuse content

Two new tools will warn users about the risks of searching for and sharing content that exploits children, including the potential legal consequences of doing so

The post Facebook ramps up fight against child abuse content appeared first on WeLiveSecurity

25 February 2021

Health Website Leaks 8 Million COVID-19 Test Results

Health Website Leaks 8 Million COVID-19 Test Results A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.
25 February 2021

Malicious Mozilla Firefox Extension Allows Gmail Takeover

Malicious Mozilla Firefox Extension Allows Gmail Takeover The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data.
25 February 2021

How to Avoid Falling Victim to a SolarWinds-Style Attack

A multilayered, zero-trust security posture provides a better chance of fending off sophisticated supply chain attackers before it's too late.
25 February 2021

Cisco Warns of Critical Auth-Bypass Security Flaw

Cisco Warns of Critical Auth-Bypass Security Flaw Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
25 February 2021

This chart shows the connections between cybercrime groups

CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other.
25 February 2021

Cybercriminals Target QuickBooks Databases

Stolen financial files then get sold on the Dark Web, researchers say.
24 February 2021

New APT Group Targets Airline Industry & Immigration

LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.
24 February 2021

61% of Malware Delivered via Cloud Apps: Report

Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.
24 February 2021

Tax Season Ushers in Quickbooks Data-Theft Spike

Tax Season Ushers in Quickbooks Data-Theft Spike Quickbooks malware targets tax data for attackers to sell and use in phishing scams.
24 February 2021

More than 6,700 VMware servers exposed online and vulnerable to major new bug

Proof-of-concept exploit code has been published online earlier today, and active scans for vulnerable VMware systems have been detected already.
24 February 2021

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.
24 February 2021

Google Invests in Linux Kernel Developers to Focus on Security

Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.
24 February 2021