Cybersecurity News


Cloudflare launches Page Shield to thwart Magecart card skimming attacks

Magecart attacks remain a prolific threat to the security of our financial data.
25 March 2021

University students refunded for false ads touting job opportunities with Microsoft, Twitter

The FTC says students were impacted by the school’s “deceptive ads.”
25 March 2021

Sierra Wireless Website Still Down After Ransomware Attack

The company believes the attack's impact is limited to its internal IT systems and corporate websites.
24 March 2021

California State Controller's Office Suffers Data Breach

Employee unwittingly gave hacker access to email account for more than a day.
24 March 2021

Ransomware Incidents Continue to Dominate Threat Landscape

Cisco Talos' IR engagements found attackers relied heavily on malware like Zloader and BazarLoader to distribute ransomware in the past three months.
24 March 2021

Facebook Reports China-Linked Cyberattack Targeting Uyghurs

Facebook has removed accounts used to send malicious links to Uyghur people with the goal of infecting their devices.
24 March 2021

ProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in Myanmar

ProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in Myanmar CEO says Apple rejected a security update needed to protect human-rights abuse evidence.
24 March 2021

Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws

Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws Thrive Themes has recently patched vulnerabilities in its WordPress plugins and legacy Themes - but attackers are targeting those who haven't yet applied security updates.
24 March 2021

Ransomware Attack Foils IoT Giant Sierra Wireless

Ransomware Attack Foils IoT Giant Sierra Wireless The ransomware attack has impacted the IoT manufacturer's production lines across multiple sites, and other internal operations.
24 March 2021

Microsoft Exchange Servers See ProxyLogon Patching Frenzy

Microsoft Exchange Servers See ProxyLogon Patching Frenzy Vast swathes of companies were likely compromised before patches were applied, so the danger remains.
24 March 2021

What a Federal Data Privacy Law Would Mean for Consumers

With an array of serious proposals from both sides of the political divide, it looks as though the US may finally have a national privacy law.
24 March 2021

How to Protect Our Critical Infrastructure From Attack

Just how worried should we be about a cyber or physical attack on national infrastructure? Chris Price reports on how the pandemic, the growth of remote working, and IoT are putting assets at risk.
24 March 2021

Purple Fox Malware Targets Windows Machines With New Worm Capabilities

Purple Fox Malware Targets Windows Machines With New Worm Capabilities A new infection vector from the established malware puts internet-facing Windows systems at risk from SMB password brute-forcing.
24 March 2021

Prioritizing Application & API Security After the COVID Cloud Rush

As companies hit the gas to accommodate the rapid shift to work-from-home, security fell behind. Now, it's time to close those gaps.
24 March 2021

Hundreds of fleeceware apps earn dubious iOS, Android developers over $400 million

Free trials can cost mobile app users thousands of dollars in the long run.
24 March 2021

SaltStack revises partial patch for command injection, privilege escalation vulnerability

The second fix was reportedly necessary after SaltStack did not participate in coordinated disclosure.
24 March 2021

Purple Fox malware evolves to propagate across Windows machines

The malware’s new worm capabilities have resulted in a rapidly-increasing infection rate.
24 March 2021

Microsoft: 92% of vulnerable exchange servers are now patched, mitigated

The latest telemetry suggests IT admins are taking the threat seriously.
24 March 2021

Anti-Spoofing for Email Gains Adoption, but Enforcement Lags

More organizations adopt sender authentication, but strict quarantining or rejection of unauthenticated messages remains uncommon.
23 March 2021