Cybersecurity News
Microsoft Releases Free Tool for Hunting SolarWinds Malware
Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.25 February 2021
North Korea's Lazarus Group Expands to Stealing Defense Secrets
Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.25 February 2021
Ransomware, Phishing Will Remain Primary Risks in 2021
Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.25 February 2021
Cyberattacks Launch Against Vietnamese Human-Rights Activists
Vietnam joins the ranks of governments using spyware to crack down on human-rights defenders.
25 February 2021
Thousands of VMware Servers Exposed to Critical RCE Bug
Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.25 February 2021
5 Key Steps Schools Can Take to Defend Against Cyber Threats
Educational institutions have become prime targets, but there are things they can do to stay safer.25 February 2021
Chinese cyberspies targeted Tibetans with a malicious Firefox add-on
The Chinese hacking group used the malicious add-on to collect Gmail and Firefox data from their victims.25 February 2021
Facebook ramps up fight against child abuse content
Two new tools will warn users about the risks of searching for and sharing content that exploits children, including the potential legal consequences of doing so
The post Facebook ramps up fight against child abuse content appeared first on WeLiveSecurity
25 February 2021
Health Website Leaks 8 Million COVID-19 Test Results
A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.
25 February 2021
Malicious Mozilla Firefox Extension Allows Gmail Takeover
The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data.
25 February 2021
How to Avoid Falling Victim to a SolarWinds-Style Attack
A multilayered, zero-trust security posture provides a better chance of fending off sophisticated supply chain attackers before it's too late.25 February 2021
Cisco Warns of Critical Auth-Bypass Security Flaw
Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
25 February 2021
This chart shows the connections between cybercrime groups
CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other.25 February 2021
Cybercriminals Target QuickBooks Databases
Stolen financial files then get sold on the Dark Web, researchers say.24 February 2021
New APT Group Targets Airline Industry & Immigration
LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.24 February 2021
61% of Malware Delivered via Cloud Apps: Report
Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.24 February 2021
Tax Season Ushers in Quickbooks Data-Theft Spike
Quickbooks malware targets tax data for attackers to sell and use in phishing scams.
24 February 2021
More than 6,700 VMware servers exposed online and vulnerable to major new bug
Proof-of-concept exploit code has been published online earlier today, and active scans for vulnerable VMware systems have been detected already.24 February 2021
Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking
Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.
24 February 2021
Google Invests in Linux Kernel Developers to Focus on Security
Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.24 February 2021