Cybersecurity News


JetBrains denies being the origin point of the SolarWinds hack

JetBrains denies confusing reports from the New York Times and Wall Street Journal portraying it as the origin point of the SolarWinds hack, which was later used to attack thousands of companies worldwide.
06 January 2021

JetBrains denies being involved in SolarWinds hack

JetBrains denies reports that is being under investigation and somehow related to the SolarWinds breach.
06 January 2021

Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic

In the past two months alone, attacks against the sector soared 45% - more than double the rate of other sectors, Check Point says.
06 January 2021

NSA Urges SysAdmins to Replace Obsolete TLS Protocols

NSA Urges SysAdmins to Replace Obsolete TLS Protocols The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols.
06 January 2021

Nissan Source Code Leaked via Misconfigured Git Server

Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets.
06 January 2021

It’s Not the Trump Sex Tape, It’s a RAT

It’s Not the Trump Sex Tape, It’s a RAT Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.
06 January 2021

DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks

Three percent of email accounts were breached, the Department of Justice reports.
06 January 2021

Feds Issue Recommendations for Maritime Cybersecurity

Feds Issue Recommendations for Maritime Cybersecurity Report outlines deep cybersecurity challenges for the public/private seagoing sector.
06 January 2021

Friction Affliction: How to Balance Security With User Experience

Friction Affliction: How to Balance Security With User Experience There's a fine line between protecting against suspicious, malicious, or unwanted activity and making users jump through hoops to prove themselves.
06 January 2021

SolarWinds fallout: DOJ says hackers accessed its Microsoft O365 email server

The US Department of Justice is one of the rare SolarWinds victims where hackers escalated the hack to a second phase and moved to access internal email inboxes, the agency said today.
06 January 2021

Request for Comments: SPoC Unsupported Operating Systems Annex

 

From 6 January 2021 to 4 February 2021, PCI SSC stakeholders can participate in a Request for Comments (RFC) on the new SPoC Unsupported Operating Systems Annex draft.

06 January 2021

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.
06 January 2021

Nissan source code leaked online after Git repo misconfiguration

Nissan was allegedly running a Bitbucket Git server with the default credentials of admin/admin.
06 January 2021

Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack

Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack The widespread compromise affecting key government agencies is ongoing, according to the U.S. government.
06 January 2021

How to Protect Your Organization's Digital Footprint

As the digital risk landscape evolves and grows, organizations must stay vigilant against online threats.
06 January 2021

6 Open Source Tools for Your Security Team

6 Open Source Tools for Your Security Team Open source tools can be great additions to your cloud security arsenal. Here are a half-dozen to get you started.
06 January 2021

Dark Web Forum Activity Surged 44% in Early COVID Months

Researchers analyzed the activity of five popular English- and Russian-speaking Dark Web forums and discovered exponential membership growth.
05 January 2021

RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework

RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases.
05 January 2021

China's APT Groups May Be Looking to Cash In

Two campaigns have resulted in encrypted drives and ransom notes, suggesting that some China-linked nation-state advanced persistent threat groups have added financial gain as a motive, researchers say.
05 January 2021

Cyberattacks on Healthcare Spike 45% Since November

Cyberattacks on Healthcare Spike 45% Since November The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.
05 January 2021