Cybersecurity News
Apple, Google, Microsoft, and Mozilla ban Kazakhstan's MitM HTTPS certificate
This marks the second time browsers makers had to intervene and block a certificate used by the Kazakhstan government to spy on its citizens.18 December 2020
Microsoft Confirms Its Network Was Breached With Tainted SolarWinds Updates

18 December 2020
FBI Warns of DoppelPaymer Attacks on Critical Infrastructure
The operators behind DoppelPaymer have begun calling victims to pressure them into paying ransom, officials say.18 December 2020
Sunburst’s C2 Secrets Reveal Second-Stage SolarWinds Victims

18 December 2020
VMware Flaw a Vector in SolarWinds Breach?
U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware, which the U.S. National Security Agency (NSA) warned on Dec. 7 was being used by Russian hackers to impersonate authorized users on victim networks.18 December 2020
FBI & Interpol disrupt Joker's Stash, the internet's largest carding marketplace
Four threat intel firms, Digital Shadows, Intel 471, Gemini Advisory, and Kela, said the disruption was temporary.18 December 2020
Week in security with Tony Anscombe
Supply‑chain attack against a certification authority in Southeast Asia. Holiday online… Safely! Scammers targeting PayPal users. Week in security with Tony Anscombe
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
18 December 2020
Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies

18 December 2020
Cyberpunk 2077 Headaches Grow: New Spyware Found in Fake Android Download

18 December 2020
Insider Threats: What Are They, Really?

18 December 2020
5 Key Takeaways from the SolarWinds Breach

18 December 2020
2021 Cybersecurity Predictions: The Intergalactic Battle Begins
There's much in store for the future of cybersecurity, and the most interesting things aren't happening on Earth.18 December 2020
NSA warns of federated login abuse for local-to-cloud attacks
The US National Security Agency describes two techniques abused in recent attacks for escalating attacks from local networks to cloud infrastructure.18 December 2020
Microsoft says it identified 40+ victims of the SolarWinds hack
Microsoft says 80% of the victims it identified were located in the United States.17 December 2020
Microsoft was also breached in recent SolarWinds supply chain hack, report
Report claims that after hackers breached Microsoft, they used Microsoft's own products to attack other companies.17 December 2020
Malicious Browser Extensions for Social Media Infect Millions of Systems
At least 28 third-party add-ons for top social media sites, including Facebook and Vimeo, redirect users to phishing sites and steal data.17 December 2020
How to Increase Your Security Posture with Fewer Resources

17 December 2020
Nuclear Weapons Agency Hacked in Widening Cyberattack – Report

17 December 2020
'SocGholish' Attack Framework Powers Surge in Drive-By Attacks
Menlo Labs research team says framework's social engineering toolkit helps criminals impersonate software updates.17 December 2020
5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack

17 December 2020