Cybersecurity News


From PowerShell to Payload: An Analysis of Weaponized Malware

From PowerShell to Payload: An Analysis of Weaponized Malware John Hammond, security researcher with Huntress, takes a deep-dive into a malware's technical and coding aspects.
02 April 2021

US Tech Dominance Rides on Securing Intellectual Property

A recent, mostly overlooked pardon points to a big problem in the US tech industry: Intellectual property offers a lucrative golden ticket for insiders.
02 April 2021

Robinhood Warns Customers of Tax-Season Phishing Scams

Robinhood Warns Customers of Tax-Season Phishing Scams Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files.
02 April 2021

Week in security with Tony Anscombe

PHP source code briefly backdoored – Prevent data loss before it's too late – The perils of owning a smart dishwasher

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

02 April 2021

Enterprises Remain Riddled With Overprivileged Users -- and Attackers Know It

Attackers commonly focus on finding users with too much privileged access as their ticket to network compromise. What can companies do?
01 April 2021

80% of Global Enterprises Report Firmware Cyberattacks

80% of Global Enterprises Report Firmware Cyberattacks A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags.
01 April 2021

New KrebsOnSecurity Mobile-Friendly Site

Dear Readers, this has been long overdue, but at last I give you a more responsive, mobile-friendly version of KrebsOnSecurity. We tried to keep the visual changes to a minimum and focus on a simple theme that presents information in a straightforward, easy-to-read format. Please bear with us over the next few days as we hunt down the gremlins in the gears.
01 April 2021

7 Security Strategies as Employees Return to the Office

7 Security Strategies as Employees Return to the Office More sooner than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.
01 April 2021

Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack

Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities.
01 April 2021

Kansas Man Indicted for Hacking, Tampering With Water Utility System

Attacker disabled water-purification operation systems "with intention of harming" the rural water district.
01 April 2021

NIST Publishes Guide for Securing Hotel Property Management Systems

These sensitive systems store guests' personal data and payment-card information.
01 April 2021

Ragnarok Ransomware Hits Boggi Milano Menswear

Ragnarok Ransomware Hits Boggi Milano Menswear The ransomware gang exfiltrated 40 gigabytes of data from the fashion house, including HR and salary details.
01 April 2021

Solving the Leadership Buy-In Impasse With Data

Justify your requirements with real numbers to get support for security investments.
01 April 2021

Building a Fortress: 3 Key Strategies for Optimized IT Security

Building a Fortress: 3 Key Strategies for Optimized IT Security Chris Hass, director of information security and research at Automox, discusses how to shore up cybersecurity defenses and what to prioritize.
01 April 2021

How to Build a Resilient IoT Framework

How to Build a Resilient IoT Framework For all of their benefits, IoT devices weren't built with security in mind -- and that can pose huge challenges.
01 April 2021

Google: North Korean APT Gearing Up to Target Security Researchers Again

Google: North Korean APT Gearing Up to Target Security Researchers Again Cyberattackers have set up a website for a fake company called SecuriElite, as well as associated Twitter and LinkedIn accounts.
01 April 2021

The Role of Visibility in Securing Cloud Applications

The Role of Visibility in Securing Cloud Applications Traditional data center approaches aren't built for securing modern cloud applications.
01 April 2021

Is your dishwasher trying to kill you?

Does every device in your home really need to be connected to the internet? And could it be turned against you?

The post Is your dishwasher trying to kill you? appeared first on WeLiveSecurity

01 April 2021

DeepDotWeb dark web admin pleads guilty to gun, drug purchase kickbacks

Over $8 million was earned through affiliate marketing for illegal marketplaces.
01 April 2021

Google: North Korean hackers are targeting researchers through fake offensive security firm

Google TAG warns of the group using zero-day exploits after reaching out to targets on social media.
01 April 2021