Cybersecurity News
Cisco, Intel, Deloitte Among Victims of SolarWinds Breach: Report
The Wall Street Journal identified 24 businesses so far that have downloaded the SolarWinds software infected with malicious code.Nosy Ex-Partners Armed with Instagram Passwords Pose a Serious Threat

Smart Doorbell Disaster: Many Brands Vulnerable to Attack

NSA, CISA Warn of Attacks on Federated Authentication
While incident responders focus on attacks using SolarWinds Orion, government cyber defenders highlight other methods likely being used as well.Defending Against State and State-Sponsored Threat Actors

Partial lists of organizations infected with Sunburst malware released online
As security researchers dig through forensic evidence in the aftermath of the SolarWinds supply chain attack, victim names are slowly starting to surface.7 Infamous Moments in Adobe Flash's Security History

Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack

Simplifying Proactive Defense With Threat Playbooks

Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data

Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers

Hacker Dumps Crypto Wallet Customer Data; Active Attacks Follow

Cybersecurity Advent calendar: Stay aware, stay safe!
When it comes to holiday gifts, surprise and wonder are always welcome. When it comes to protecting your security, however, you don’t want to leave anything to chance.
The post Cybersecurity Advent calendar: Stay aware, stay safe! appeared first on WeLiveSecurity
We Have a National Cybersecurity Emergency -- Here's How We Can Respond
Let's prioritize bipartisan strategic actions that can ensure our national security and strengthen the economy. Here are five ideas for how to do that.A second hacking group has targeted SolarWinds systems
Some SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack.Telemed Poll Uncovers Biggest Risks and Best Practices

Zero-click iOS zero-day found deployed against Al Jazeera employees
Zero-day exploited a vulnerability in the iMessages app, patched in iOS 14.iPhones vulnerable to hacking tool for months, researchers say

Analysis: NSO Group’s Pegasus spyware could allegedly track locations and access passwords
For almost a year, spyware sold by Israel’s NSO Group was allegedly armed with a computer security super-weapon: a zero-footprint, zero-click, zero-day exploit that used a vulnerability in iMessage to seize control of an iPhone at the push of a button.
That means it would have left no visible trace of being placed on target’s phones, could be installed by simply sending a message that the victim didn’t even need to click on, and worked even on phones that were running the then-latest version of iOS, the operating system for iPhones.
Continue reading...Firefox to ship 'network partitioning' as a new anti-tracking defense
Firefox's "network partitioning" feature to ship in v85, scheduled for January 2021.Cloud is King: 9 Software Security Trends to Watch in 2021
