Cybersecurity News


DDoS-Guard To Forfeit Internet Space Occupied by Parler

Parler, the beleaguered social network advertised as a "free speech" alternative to Facebook and Twitter, has had a tough month. Apple and Google removed the Parler app from its stores, and Amazon blocked the platform from using its hosting services. Parler has since found a home in DDoS-Guard, a Russian digital infrastructure company. But now it appears DDoS-Guard is about to be relieved of more than two-thirds of the Internet address space the company leases to clients -- including the Internet addresses currently occupied by Parler.
21 January 2021

Google Forms Set Baseline For Widespread BEC Attacks

Google Forms Set Baseline For Widespread BEC Attacks Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms.
21 January 2021

Rethinking IoT Security: It's Not About the Devices

Keeping IoT safe in the future will require securing the networks themselves. Focusing on the devices is a never-ending battle that will only become more burdensome.
21 January 2021

Google Searches Expose Stolen Corporate Credentials

Google Searches Expose Stolen Corporate Credentials A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments.
21 January 2021

MrbMiner crypto-mining operation linked to Iranian software firm

Despite the Sophos report ousting the MrbMiner group today, the botnet is expected to continue to operate with impunity.
21 January 2021

Automated exploit of critical SAP SolMan vulnerability detected in the wild

Proof-of-concept exploit code was published last week.
21 January 2021

This phishing scam left thousands of stolen passwords exposed through Google search

A mistake on the part of the cyberattackers led to their discovery -- and that of the data they pillaged.
21 January 2021

Vadokrist: A wolf in sheep’s clothing

Another in our occasional series demystifying Latin American banking trojans

The post Vadokrist: A wolf in sheep’s clothing appeared first on WeLiveSecurity

21 January 2021

Microsoft Releases New Info on SolarWinds Attack Chain

Threat actors went to elaborate lengths to maintain operational security around second-stage payload activation, company says.
20 January 2021

SolarWinds Attack, Cyber Supply Chain Among Priorities for Biden Administration

During Senate confirmation hearings, the nominees for Secretary of Homeland Security and Director of National Intelligence pledged to focus on cybersecurity.
20 January 2021

Critical Cisco SD-WAN Bugs Allow RCE Attacks

Critical Cisco SD-WAN Bugs Allow RCE Attacks Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite.
20 January 2021

DNSpooq bugs expose millions of devices to DNS cache poisoning

Security flaws in a widely used DNS software package could allow attackers to send users to malicious websites or to remotely hijack their devices

The post DNSpooq bugs expose millions of devices to DNS cache poisoning appeared first on WeLiveSecurity

20 January 2021

NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs

NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory.
20 January 2021

Name That Toon: Insider Threat

Name That Toon: Insider Threat Ready for some fun? Come up with a clever cartoon caption for Dark Reading's January contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
20 January 2021

Malwarebytes Hit by SolarWinds Attackers

Malwarebytes Hit by SolarWinds Attackers The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365.
20 January 2021

NSA urges system administrators to replace obsolete TLS protocols

NSA: Obsolete encryption provides a false sense of security.
20 January 2021

Investment Scammers Prey on Dating App Users, Interpol Warns

Investment Scammers Prey on Dating App Users, Interpol Warns Users of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers.
20 January 2021

Paving the way: Inspiring Women in Payments - A podcast featuring Nicole Braun

 

At times, Nicole Braun was the only female Qualified Security Assessor (QSA) in the entire country of New Zealand. In our 2021 podcast series debut, Nicole explains how she found success in the payments industry, against all odds, and why she thinks there are encouraging signs that a gender shift is coming.

20 January 2021

Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms

Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms Mystery of spying using popular chat apps uncovered by Google Project Zero researcher.
20 January 2021

Tips for a Bulletproof War Room Strategy

The techniques used in real-world combat apply in cybersecurity operations, except that instead of bullets flying downrange, it's packets.
20 January 2021