Cybersecurity News


Google Launches SLSA, A New Framework for Supply Chain Integrity

The 'Supply chain Levels for Software Artifacts' aims to ensure the integrity of components throughout the software supply chain.
17 June 2021

Clop Raid: A Big Win in the War on Ransomware?

Clop Raid: A Big Win in the War on Ransomware? Cops arrest six, seize cars and cash in splashy raid, and experts are applauding.
17 June 2021

Cisco Smart Switches Riddled with Severe Security Holes

Cisco Smart Switches Riddled with Severe Security Holes The intro-level networking gear for SMBs could allow remote attacks designed to steal information, drop malware and disrupt operations.
17 June 2021

Updated PCI DSS v4.0 Timeline

 

To follow up on an earlier communication, PCI SSC is now targeting a Q1 2022 publication date for PCI DSS v4.0. This timeline supports the inclusion of an additional request for comments (RFC) for the community to provide feedback on the PCI DSS v4.0 draft validation documents.

17 June 2021

Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes

Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes An email campaign asking victims to call a bogus number to suspend supposedly fraudulent subscriptions got right past Microsoft's native email controls.
17 June 2021

Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?

Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account.
17 June 2021

CVS Health Records for 1.1 Billion Customers Exposed

CVS Health Records for 1.1 Billion Customers Exposed A vendor exposed the records, which were accessible with no password or other authentication, likely because of a cloud-storage misconfiguration.
17 June 2021

Most health apps engage in unhealthy data‑harvesting habits

Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent

The post Most health apps engage in unhealthy data‑harvesting habits appeared first on WeLiveSecurity

17 June 2021

Mission Critical: What Really Matters in a Cybersecurity Incident

The things you do before and during a cybersecurity incident can make or break the success of your response.
17 June 2021

Threat Actors Use Google Docs to Host Phishing Attacks

Threat Actors Use Google Docs to Host Phishing Attacks Exploit in the widely used document service leveraged to send malicious links that appear legitimate but actually steal victims credentials.
17 June 2021

This strange malware stops you from visiting pirate websites

An odd vigilante campaign is preventing victims from accessing pirate content online.
17 June 2021

Hiccup in Akamai’s DDoS Mitigation Service Triggers Massive String of Outages

Hiccup in Akamai’s DDoS Mitigation Service Triggers Massive String of Outages An hour-long outage hit airlines, banks and the Hong Kong Stock exchange. It's thought to have been caused by a DDoS mitigation service.
17 June 2021

Ukraine Police Disrupt Cl0p Ransomware Operation

Ukraine Police Disrupt Cl0p Ransomware Operation Growing list of similar actions in recent months may finally be scaring some operators into quitting, but threat is far from over, security experts say.
16 June 2021

Ransomware Operators' Strategies Evolve as Attacks Rise

Security researchers find ransomware operators rely less on email and more on criminal groups for initial access into target networks.
16 June 2021

Biden Tells Putin Critical Infrastructure Sectors 'Off Limits' to Russian Hacking

President Joe Biden said he and Russian President Vladimir Putin agreed to discuss boundaries in cyber activity.
16 June 2021

Security Flaw Discovered In Peloton Equipment

The vulnerability could give attackers remote root access to the bike's tablet, researchers report.
16 June 2021

Cars, Medicine, Electric Grids: Future Hackers Will Hit Much More Than Networks in an IT/OT Integrated World

Intelligent systems must include the right cybersecurity protections to prevent physical threats to operational technology.
16 June 2021

Russian National Convicted on Charges Related to Kelihos Botnet

Oleg Koshkin was arrested in 2019 and faces a maximum penalty of 15 years in prison, the DoJ reports.
16 June 2021

IKEA Fined $1.2M for Elaborate ‘Spying System’

IKEA Fined $1.2M for Elaborate ‘Spying System’ A French court fined the furniture giant for illegal surveillance on 400 customers and staff.
16 June 2021

Is an Attacker Living Off Your Land?

Is an Attacker Living Off Your Land? Living-off-the-land attacks pose significant risks to organizations and, on top of that, are difficult to detect. Learn the basics about how these attacks operate and ways to limit their damage.
16 June 2021