Cybersecurity News
Cyberattack on Kaseya Nets More Than 1,000 Victims, $70M Ransom Demand
The provider of remote monitoring and management services warns customers to not run its software until a patch is available and manually installed.06 July 2021
8 Ways to Preserve Legal Privilege After a Cybersecurity Incident
Knowing your legal distinctions can make defense easier should you end up in court after a breach, attack, or data loss.06 July 2021
Website of Mongolian certificate authority served backdoored client installer
Researchers say the domain was breached eight times in a short window.06 July 2021
Kaseya Attack Fallout: CISA, FBI Offer Guidance
Following a brazen ransomware attack by the REvil cybergang, CISA and FBI offer guidance to victims.
05 July 2021
Watch for Cybersecurity Games at the Tokyo Olympics
The cybersecurity professionals guarding the Summer Olympics are facing at least as much competition as the athletes, and their failure could have steeper ramifications.05 July 2021
Ransomware Defense: Top 5 Things to Do Right Now
Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware.
05 July 2021
Kaseya ransomware supply chain attack: What you need to know
A ransomware gang is demanding a huge payment after a major software supply chain attack. Here is everything we know so far.05 July 2021
Kaseya supply‑chain attack: What we know so far
As news breaks about the supply-chain ransomware attack against Kaseya's IT management software, here’s what we know so far
The post Kaseya supply‑chain attack: What we know so far appeared first on WeLiveSecurity
03 July 2021
Barracuda Agrees to Acquire Skout Cybersecurity
The acquisition will bring Barracuda into the extended detection and response (XDR) market with a tool for managed service providers.02 July 2021
Secured-Core PCs May Mitigate Firmware Attacks, But Adoption Lags
Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet.02 July 2021
Microsoft Issues New CVE for 'PrintNightmare' Flaw
Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.02 July 2021
TrickBot Spruces Up Its Banking Trojan Module
After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game.
02 July 2021
Widespread Brute-Force Attacks Tied to Russia’s APT28
The ongoing attacks are targeting cloud services such as Office 365 to steal passwords and password-spray a vast range of targets, including in U.S. and European governments and military.
02 July 2021
Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks
Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry.
02 July 2021
SOC Investment Improves Detection and Response Times, Data Shows
A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.02 July 2021
Another 0-Day Looms for Many Western Digital Users
Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can't or won't upgrade to the latest operating system.02 July 2021
Week in security with Tony Anscombe
Remembering John McAfee, an antivirus software pioneer – Beware these Facebook scams – Data for almost all LinkedIn users scraped and up for sale
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
02 July 2021
Twitter now lets users set security keys as the only 2FA method
You can now secure your account with a physical security key as your sole 2FA method, without any additional 2FA option
The post Twitter now lets users set security keys as the only 2FA method appeared first on WeLiveSecurity
02 July 2021
5 Mistakes That Impact a Security Team's Success
The way we work and treat each other go a long way in improving our organizations' security posture.
02 July 2021
WFH: A Smart Time to Revisit Employee Use of Social Media
Employers have their hands full when it comes to monitoring online activities that could hurt the brand or violate the organization's core values.02 July 2021