Cybersecurity News


Lookout Acquires SASE Cloud Provider CipherCloud

Deal signals a focus on the cloud for mobile security firm.
15 March 2021

Paving the way: Inspiring Women in Payments - A Q&A featuring Cindy vanBree

 

She’s been recognized by U.S. agency heads for her award-winning contributions to national security. But, when Cindy vanBree retired from the Defense Aerospace sector after a long career, she wasn’t ready to stop working. In this edition of our blog, Cindy explains how she found continued success by following her passion into consultancy and why it’s never too late to start over again. In fact, in Cindy’s case, some careers even come full circle; through her continuing education, she will once again leverage her Defense Sector experience after having been recently certified as a Cybersecurity Maturity Model Certification (CMMC) Registered Practitioner.

15 March 2021

Google Warns Mac, Windows Users of Chrome Zero-Day Flaw

Google Warns Mac, Windows Users of Chrome Zero-Day Flaw The use-after-free vulnerability is the third Google Chrome zero-day flaw to be disclosed in three months.
15 March 2021

Name That Toon: Something Seems Afoul

Name That Toon: Something Seems Afoul Dark Reading's March cartoon caption contest is here, along with a few new feathered friends.
15 March 2021

Google fails to quash Incognito mode user tracking, privacy lawsuit

The company may now have to fight against user privacy violation claims in court.
15 March 2021

How to Choose the Right Cybersecurity Framework

Cybersecurity frameworks can help reduce your risk of supply chain attacks and increase your competitive advantage.
15 March 2021

Verkada Breach Demonstrates Danger of Overprivileged Users

In re-evaluating supply chains, companies should classify vendors with super admin privileges to devices or backdoors as a significant threat.
15 March 2021

WeLeakInfo Leaked Customer Payment Info

A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo[.]com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account data for 23,000 people who paid to access the service with a credit card.
15 March 2021

Hafnium’s China Chopper: a ‘slick’ and tiny web shell for creating server backdoors

Hafnium has been linked to recent attacks on Microsoft Exchange Server.
15 March 2021

Microsoft investigates potential ties between partner security firm, Exchange Server attack code leak

Exploit tools used in widespread attacks reportedly are similar to PoC code privately distributed by Microsoft to vendors.
15 March 2021

PayPal fraud: What merchants should know

From overpayment to shipping scams, what are some of the most common threats that merchants using PayPal should watch out for?

The post PayPal fraud: What merchants should know appeared first on WeLiveSecurity

15 March 2021

Sky Global CEO indicted over encrypted chat drug trafficking, calls allegations an 'outrage'

The executive says the indictment highlights the “vilification” of anyone “who takes a stance against unwarranted surveillance.”
15 March 2021

Critical Security Hole Can Knock Smart Meters Offline

Critical Security Hole Can Knock Smart Meters Offline Unpatched Schneider Electric PowerLogic ION/PM smart meters are open to dangerous attacks.
12 March 2021

Microsoft Exchange Server Attacks: 9 Lessons for Defenders

Microsoft Exchange Server Attacks: 9 Lessons for Defenders Experts share their guidance for organizations running on-premise Exchange servers in the wake of rapidly spreading attacks.
12 March 2021

Contemplating the Coffee Supply Chain: A Horror Story

Contemplating the Coffee Supply Chain: A Horror Story On the bean-to-cup journey, dangers await around every corner. Here, well-caffeinated security experts warn the coffee industry about the threats.
12 March 2021

REvil Group Claims Slew of Ransomware Attacks

REvil Group Claims Slew of Ransomware Attacks The threat group behind the Sodinokibi ransomware claimed to have recently compromised nine organizations.
12 March 2021

Europol Credits Sweeping Arrests to Cracked Sky ECC Comms  

Europol Credits Sweeping Arrests to Cracked Sky ECC Comms   Sky ECC claims that cops cracked a fake version of the app being passed off by disgruntled reseller.
12 March 2021

Can a Programming Language Reduce Vulnerabilities?

Rust offers a safer programming language, but adoption is still a problem despite recent signs of increasing popularity.
12 March 2021

Metamorfo Banking Trojan Abuses AutoHotKey to Avoid Detection

Metamorfo Banking Trojan Abuses AutoHotKey to Avoid Detection A legitimate binary for creating shortcut keys in Windows is being used to help the malware sneak past defenses, in a rash of new campaigns.
12 March 2021

Microsoft Exchange Exploits Pave a Ransomware Path

Microsoft Exchange Exploits Pave a Ransomware Path As attacks double every hour, hackers are exploiting vulnerable Microsoft Exchange servers and installing a new family of ransomware called DearCry.
12 March 2021