Cybersecurity News


Protecting the water supply – hacker edition

What can municipalities do to better protect their water supply systems?

The post Protecting the water supply – hacker edition appeared first on WeLiveSecurity

11 February 2021

How Email Attacks are Evolving in 2021

How Email Attacks are Evolving in 2021 The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.
11 February 2021

Various Malware Lurks in Discord App to Target Gamers

Various Malware Lurks in Discord App to Target Gamers Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and token stealers.
11 February 2021

Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever

Cloud-native deployments tend to be small, interchangeable, and easier to protect, but their software supply chains require closer attention.
11 February 2021

On the Radar: Twingate Offers an Easy-to-Use Zero-Trust Access Service

Twingate is a developer of zero-trust access (ZTA) technology, which delivers remote access in a more secure fashion than virtual private networks (VPNs). It delivers its technology as a service. As a fully managed SaaS product with multiple product tiers and price points to suit customers' needs, Twingate will be a strong option for companies looking to simplify their remote access experience.
11 February 2021

KeepChange said it stopped hackers from stealing user funds, but not personal data

Stolen information includes names, email addresses, trade data, and hashed passwords.
11 February 2021

Military, Nuclear Entities Under Target By Novel Android Malware

Military, Nuclear Entities Under Target By Novel Android Malware The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.
11 February 2021

Android spyware strains linked to state-sponsored Confucius threat group

Hornbill and SunBird are being used to stalk and steal the data of Pakistani nationals.
11 February 2021

PayPal fixes reflected XSS vulnerability in user wallet currency converter

The currency conversion endpoint was susceptible to attacks.
11 February 2021

Proofpoint sues Facebook to get permission to use lookalike domains for phishing tests

Facebook's crackdown on lookalike domains last year has touched some of the domains security firm Proofpoint was using for security awareness training exercises.
10 February 2021

High-Severity Vulnerabilities Discovered in Multiple Embedded TCP/IP Stacks

Flaw leaves millions of IT, OT, and IoT devices vulnerable to attack.
10 February 2021

Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7

An FBI alert sent on Tuesday warns companies about the use of out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer.
10 February 2021

What’s most interesting about the Florida water system hack? That we heard about it at all.

Stories about computer security tend to go viral when they bridge the vast divide between geeks and luddites, and this week's news about a hacker who tried to poison a Florida town's water supply was understandably front-page material. But for security nerds who've been warning about this sort of thing for ages, the most surprising aspect of the incident seems to be that we learned about it at all.
10 February 2021

SASE Surge: Why the Market Is Poised to Grow

Analysts who anticipate the SASE market will expand by more than a factor of five before 2025 explain reasons behind the surge.
10 February 2021

SAP Commerce Critical Security Bug Allows RCE

SAP Commerce Critical Security Bug Allows RCE The critical SAP cybersecurity flaw could allow for the compromise of an application used by e-commerce businesses.
10 February 2021

Hacker Sets Alleged Auction for Witcher 3 Source Code

Hacker Sets Alleged Auction for Witcher 3 Source Code The ransomware gang behind the hack of CD Projekt Red may be asking for $1 million opening bids for the company's valuable data.
10 February 2021

Hybrid, Older Users Most-Targeted by Gmail Attackers

Hybrid, Older Users Most-Targeted by Gmail Attackers Researchers at Google and Stanford analyzed a 1.2 billion malicious emails to find out what makes users likely to get attacked. 2FA wasn't a big factor.
10 February 2021

Microsoft patches actively exploited Windows kernel flaw

This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical

The post Microsoft patches actively exploited Windows kernel flaw appeared first on WeLiveSecurity

10 February 2021

Zero Trust in the Real World

Those who are committed to adopting the concept have the opportunity to make a larger business case for it across the organization, working with executive leaders to implement a zero-trust framework across the entire enterprise.
10 February 2021

Intel Squashes High-Severity Graphics Driver Flaws

Intel Squashes High-Severity Graphics Driver Flaws Intel is warning on security bugs across its graphics drivers, server boards, compute modules and modems.
10 February 2021