Cybersecurity News
Data Privacy Day 2021: Pandemic Response Data Must Align with Data Privacy Rules
Amid a pandemic, Data Privacy Day this year brings forth expanded responsibilities for organizations in the response to COVID-19.28 January 2021
New cybercrime tool can build phishing pages in real-time
The new LogoKit phishing kit has already been spotted on more than 700 unique domains over the past month.28 January 2021
Apple patches three iOS zero‑days under attack
The company emits emergency updates to fix bugs affecting devices ranging from iPhones to Apple Watches
The post Apple patches three iOS zero‑days under attack appeared first on WeLiveSecurity
27 January 2021
Arrest, Seizures Tied to Netwalker Ransomware
U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court.27 January 2021
Intl. Law Enforcement Operation Disrupts Emotet Botnet
Global law enforcement agencies have seized control of Emotet infrastructure, disrupting one of the world's most pervasive and dangerous cyber threats.27 January 2021
Critical Vulnerability Patched in 'sudo' Utility for Unix-Like OSes
Flaw exists in versions of sudo going back nearly 10 years; USCYBERCOM recommends organizations patch immediately.27 January 2021
TeamTNT Cloaks Malware With Open-Source Tool
The detection-evasion tool, libprocesshider, hides TeamTNT's malware from process-information programs.
27 January 2021
NetWalker Ransomware Suspect Charged: Tor Site Seized
The suspect allegedly has extorted $27.6 million from ransomware victims, mostly in the healthcare sector.
27 January 2021
US and Bulgarian authorities disrupt NetWalker ransomware operation
Authorities seize dark web domains, charge a Canadian, and seize $454,000 in cryptocurrency.27 January 2021
Remote Attackers Can Now Reach Protected Network Devices via NAT Slipstreaming
A new version of NAT slipstreaming allows cybercriminals an easy path to devices that aren't connected to the internet.
27 January 2021
Sudo Bug Gives Root Access to Mass Numbers of Linux Systems
Qualys said the vuln gives any local user root access to systems running the most popular version of Sudo.
27 January 2021
Microsoft Security Business Exceeds $10B in Revenue
Microsoft's security division has grown more than 40% year-over-year, the company reports alongside security product updates.27 January 2021
Authorities plan to mass-uninstall Emotet from infected hosts on April 25, 2021
The world's largest malware botnet will become extinct by April after today's coordinated takedown and planned clean-up operations.27 January 2021
Authorities plan to mass-uninstall Emotet from infected hosts on March 25, 2021
The world's largest malware botnet will become extinct by April after today's coordinated takedown and planned clean-up operations.27 January 2021
ADT Security Camera Flaw Opened Homes, Stores to Eavesdropping
Researchers publicly disclosed flaws in ADT's LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more.
27 January 2021
Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline
Hundreds of servers and 1 million Emotet infections have been dismantled globally, while tales have emerged on Twitter that NetWalker's Dark Web leaks site is offline.
27 January 2021
4 Clues to Spot a Bot Network
Protect against misinformation and disinformation campaigns by learning how to identify the bot networks spreading falsehoods.27 January 2021
Many Cybersecurity Job Candidates Are Subpar, While On-the-Job Training Falls Short
With demand for skilled cybersecurity workers so high, is it really surprising that most companies are seeing fewer qualified applicants?27 January 2021
PCI SSC Announces 2021 Special Interest Group Election Results
Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Council has confirmed the winning SIG topic for 2021. The Council’s Participating Organizations voted to select “Best Practices for Container Orchestration” as the focus for the year ahead. The goal of the SIG is to provide guidance for companies on how to enhance security when using container orchestration tools. This guidance will include an overview of container orchestration tools as well as a breakdown of payment industry considerations for critical components of typical system implementations.
27 January 2021
Apple Patches Three iOS Zero-Day Vulnerabilities
New iOS 14.4 update available for iPhones and iPads.27 January 2021