Cybersecurity News
Is $50,000 for a Vulnerability Too Much?
Lofty bug bounties catch attention, but don't alleviate the application security flaws they are trying to solve.04 February 2021
Blockchain transactions confirm murky and interconnected ransomware scene
Criminal gangs often use multiple ransomware strains and jump ship from one RaaS (Ransomware-as-a-Service) to another, seeking better deals.04 February 2021
Discord servers targeted in cryptocurrency exchange scam wave
Free Bitcoin? Don’t believe it.04 February 2021
Security firm Stormshield discloses data breach, theft of source code
Stormshield is a major provider of network security products to the French government, some approved to be used on sensitive networks.04 February 2021
Cisco’s AppDynamics debuts app performance, vulnerability management software
Cisco says that clients will no longer have to “sacrifice security for velocity.”04 February 2021
Clearview Facial-Recognition Technology Ruled Illegal in Canada
The company’s controversial practice of collecting and selling billions of faceprints was dealt a heavy blow by the Privacy Commissioner that could set a precedent in other legal challenges.
04 February 2021
LockBit ransomware operator: ‘For a cybercriminal, the best country is Russia’
A lone ransomware operator explains why they went down a criminal path.04 February 2021
Facebook etiquette: Behaviors you should avoid
Sharing your thoughts or photos for the world to see is now as easy as pushing a button, but even a seemingly harmless post may come back to haunt you
The post Facebook etiquette: Behaviors you should avoid appeared first on WeLiveSecurity
04 February 2021
Digital Defense acquired to bolster HelpSystems’ security assessment portfolio
HelpSystems says the purchase will help clients improve infrastructure security.04 February 2021
Android devices ensnared in DDoS botnet
New Matryosh botnet is targeting Android systems that have left their ADB debug interface exposed on the internet.04 February 2021
Older Generation
Using technology securelly can be overwhelming or confusing, especially for those who did not grow up with it. When helping secure those who are uncomfortable with technology focus on just the basics - 1) be aware of social engineering attacks 2) secure your home network 3) keep your systems updated 4) use strong, unique passwords 5) backup your key personal data.04 February 2021
Google: Proper patching would have prevented 25% of all zero-days found in 2020
A quarter of all the zero-days exploited in the wild in 2020 were variations of previously patched vulnerabilities.03 February 2021
Emotet’s Takedown: Have We Seen the Last of the Malware?
A week after law enforcement agencies said they took down Emotet, there has been no sign of the prolific malware.
03 February 2021
Second SolarWinds Attack Group Breaks into USDA Payroll — Report
A second APT, potentially linked to the Chinese government, could be behind the Supernova malware.
03 February 2021
Patch Imperfect: Software Fixes Failing to Shut Out Attackers
Incomplete patches are allowing attackers to continue exploiting the same vulnerabilities, reducing the cost to compromise.03 February 2021
New Malware Hijacks Kubernetes Clusters to Mine Monero
Researchers warn that the Hildegard malware is part of 'one of the most complicated attacks targeting Kubernetes.'
03 February 2021
Trucking company Forward Air said its ransomware incident cost it $7.5 million
Even if the company recovered from the ransomware attack, the incident left a mark on its Q4 2020 bottom line.03 February 2021
An Observability Pipeline Could Save Your SecOps Team
Traditional monitoring approaches are proving brittle as security operations teams need better visibility into dynamic environments.03 February 2021
Identity theft spikes amid pandemic
The US Federal Trade Commission received 1.4 million reports of identity theft last year, double the number from 2019
The post Identity theft spikes amid pandemic appeared first on WeLiveSecurity
03 February 2021
SolarWinds Attackers Spent Months in Corporate Email System: Report
SolarWinds' CEO says evidence indicates attackers lurked in the company's Office 365 email system for months ahead of the attack.03 February 2021