Cybersecurity News
CISA Urges Sites to Patch Critical RCE in Discourse
The patch, urgently rushed out on Friday, is an emergency fix for the widely deployed platform, whose No. 1 most trafficked site is Amazon’s Seller Central.
SolarWinds hackers, Nobelium, once again strike global IT supply chains, Microsoft warns
The APT is probing potential new technology supply chain victims.FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks
The infamous Carbanak operator is moving is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure 'pen-testing' company.
REvil Servers Shoved Offline by Governments – But They’ll Be Back, Researchers Say
A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline.
Week in security with Tony Anscombe
How to break into cybersecurity – Is your password easy to guess? – Shining a spotlight on the security risks of shadow IT
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Week in security with Tony Anscombe
How to break into cybersecurity – Is your password easy to guess? – Shining a spotlight on the security risks of shadow IT
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Cisco SD-WAN Security Bug Allows Root Code Execution
The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.
Paving the way: Inspiring Women in Payments - A Q&A featuring Cari King
She was the first woman in her family to complete high school and a first-generation college graduate. But, as a single mom on public assistance, Cari King knew that she needed more than a job to improve her situation; she needed a career. However, she did not know any female role models with careers to show her the way. In fact, it wasn’t until she was in her thirties that she first met a woman with a career in technology. First, it was a female retail computer store owner who took a chance on her. Then, it was a female computer programmer who saw her potential and encouraged Cari to believe in herself. In this edition of our blog, Cari explains why it’s important to continue to expose girls to successful women in the tech industry, even if role models are difficult to find in their own community.
Threat Actors Abuse Discord to Push Malware
The platform’s Content Delivery Network and core features are being used to send malicious files—including RATs--across its network of 150 million users, putting corporate workplaces at risk.
Ex-carrier employee sentenced for role in SIM-swapping scheme
He was paid a daily fee to route victim numbers to handsets controlled by other criminals.South African police arrest eight men suspected of targeting widows in romance scams
The gang concocted "sob stories" to lure their victims into parting with cash.What’s lurking in the shadows? How to manage the security risks of shadow IT
Employee use of unsanctioned hardware and software is an increasingly acute problem in the remote and hybrid work era
The post What’s lurking in the shadows? How to manage the security risks of shadow IT appeared first on WeLiveSecurity
What’s lurking in the shadows? How to manage the security risks of shadow IT
Employee use of unsanctioned hardware and software is an increasingly acute problem in the remote and hybrid work era
The post What’s lurking in the shadows? How to manage the security risks of shadow IT appeared first on WeLiveSecurity
U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn
Meanwhile, Zerodium's quest to buy VPN exploits is problematic, researchers said.
Resource Guide: Defending Against Ransomware
Ransomware attacks have been front and center in the news recently due to high-profile breaches that have impacted businesses across the globe. These headline grabbing attacks have been part of a larger global increase in ransomware crime. With a dramatic increase in security challenges due to the disruptions caused in part by the COVID-19 pandemic, there has been a significant increase in ransomware attacks.
TA551 Shifts Tactics to Install Sliver Red-Teaming Tool
A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.
Gigabyte Allegedly Hit by AvosLocker Ransomware
If AvosLocker stole Gigabyte's master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds.
Why is Cybersecurity Failing Against Ransomware?
Hardly a week goes by without another major company falling victim to a ransomware attack. Nate Warfield, CTO at Prevailion, discusses the immense challenges in changing that status quo.
Ransomware Sinks Teeth into Candy-Corn Maker Ahead of Halloween
Chicago-based Ferrara acknowledged an Oct. 9 attack that encrypted some systems and disrupted production.
Cybersecurity careers: What to know and how to get started
Want to help make technology safer for everyone? Love solving puzzles? Looking for a rewarding career? Break into cybersecurity! Insights from ESET researchers Aryeh Goretsky and Cameron Camp will put you on the right track.
The post Cybersecurity careers: What to know and how to get started appeared first on WeLiveSecurity