Cybersecurity News


INTERPOL aims to deal a blow to digital piracy

The agency’s new initiative will also warn about the high cost of the free lunch – the increased risk of malware exposure

The post INTERPOL aims to deal a blow to digital piracy appeared first on WeLiveSecurity

03 May 2021

New Buer Malware Downloader Rewritten in E-Z Rust Language

New Buer Malware Downloader Rewritten in E-Z Rust Language It's coming in emails disguised as DHL Support shipping notices and is apparently getting prepped for leasing on the underground.
03 May 2021

Researchers Find Bugs Using Single-Codebase Inconsistencies

A Northeastern University research team finds code defects -- and some vulnerabilities -- by detecting when programmers used different code snippets to perform the same functions.
03 May 2021

Dark Reading Celebrates 15th Anniversary

Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.
03 May 2021

Stopping the Next SolarWinds Requires Doing Something Different

Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale?
03 May 2021

The Edge Pro Tip: Protect IoT Devices

The Edge Pro Tip: Protect IoT Devices As Internet-connected devices become more prevalent in organizations, security issues increase as well.
03 May 2021

Two-Step Verification

Two-step verification (also called two-factor authentication or 2FA) is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. At a minimum enable two-step verification for your most important accounts such as email, financial and retirement accounts.
03 May 2021

Ransomware Task Force Publishes Framework to Fight Global Threat

An 81-page report details how ransomware has evolved, along with recommendations on how to deter attacks and disrupt its business model.
30 April 2021

New Threat Group Carrying Out Aggressive Ransomware Campaign

UNC2447 observed targeting now-patched vulnerability in SonicWall VPN.
30 April 2021

Government agencies could access personal data without consent under new bill

Government agencies could access personal data without consent under new bill

Privacy advocates fear Coalition’s proposed data-sharing law could allow for robodebt-style tactics

Australians’ personal information could be accessed by government agencies and researchers without their consent under proposed data-sharing legislation that critics say could pave the way for more robodebt-style tactics.

In a speech at an Australian Financial Review conference this week, the former government services minister Stuart Robert said it wasn’t his job to make government “sexy”, but make it simple.

Related: Facebook data leak: Australians urged to check and secure social media accounts

Related: Government investigates data breach revealing details of 774,000 migrants

Continue reading...
30 April 2021

PortDoor Espionage Malware Takes Aim at Russian Defense Sector

PortDoor Espionage Malware Takes Aim at Russian Defense Sector The stealthy backdoor is likely being used by Chinese APTs, researchers said.
30 April 2021

MITRE Adds MacOS, More Data Types to ATT&CK Framework

Version 9 of the popular threat matrix will improve support for a variety of platforms, including cloud infrastructure.
30 April 2021

MITRE Adds MacOS, Linux, More Data Types to ATT&CK Framework

Version 9 of the popular threat matrix will improve support for a variety of platforms, including cloud infrastructure.
30 April 2021

WeSteal: A Cryptocurrency-Stealing Tool That Does Just That

WeSteal: A Cryptocurrency-Stealing Tool That Does Just That The developer of the WeSteal cryptocurrency stealer can’t be bothered with fancy talk: they say flat-out that it’s “the leading way to make money in 2021”.
30 April 2021

Survey Finds Broad Concern Over Third-Party App Providers Post-SolarWinds

Most IT and cybersecurity professionals think security is important enough to delay deployment of applications, survey data shows.
30 April 2021

Is the SolarWinds Hack Really a Seismic Shift?

Is the SolarWinds Hack Really a Seismic Shift? Oliver Tavakoli, CTO of Vectra AI, discusses the massive supply-chain hack's legacy and ramifications for security professionals.
30 April 2021

Ghost Town Security: What Threats Lurk in Abandoned Offices?

Ghost Town Security: What Threats Lurk in Abandoned Offices? Millions of office buildings and campuses were rapidly abandoned during the pandemic. Now it's a year later - what happened in those office parks and downtown ghost towns? What security dangers lurk there now, waiting to ambush returning businesses?
30 April 2021

Week in security with Tony Anscombe

Governments as cyber-targets – FBI and Have I Been Pwned team up to notify Emotet victims – Mac users urged to plug a serious security hole

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

30 April 2021

The Ticking Time Bomb in Every Company's Code

Developers must weigh the benefits and risks of using third-party code in Web apps.
30 April 2021

7 Modern-Day Cybersecurity Realities

7 Modern-Day Cybersecurity Realities Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.
30 April 2021