Cybersecurity News
How the Shady Zero-Day Sales Game Is Evolving
Zero-day vulns are cold, while access-as-a-service is hot. Here's how black market (and gray market) deals go down.
07 January 2021
Fired Healthcare Exec Stalls Critical PPE Shipment for Months
A fired Stradis Healthcare employee sought revenge by tampering with shipping data for desperately needed healthcare PPE.
07 January 2021
Ryuk gang estimated to have made more than $150 million from ransomware attacks
Most of the Ryuk gang's "earnings" are being cashed out through accounts at crypto-exchanges Binance and Huobi.07 January 2021
Threatpost Poll: Weigh in on Ransomware Security
Provide your views on ransomware and how to deal with it in our anonymous Threatpost poll.
07 January 2021
WhatsApp updates privacy policy to enable sharing more data with Facebook
Many users have until February 8 to accept the new rules – or else lose access to the app
The post WhatsApp updates privacy policy to enable sharing more data with Facebook appeared first on WeLiveSecurity
07 January 2021
New Year, New Ransomware: Babuk Locker Targets Large Corporations
Despite being a mostly run-of-the-mill ransomware strain, Babuk Locker's encryption mechanisms and abuse of Windows Restart Manager sets it apart.
07 January 2021
Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020
Security firm Recorded Future said it tracked more than 10,000 malware command and control servers last year, used across more than 80 malware families.07 January 2021
The 3 Most Common Types of BEC Attacks (And What You Can Do About Them)
Always be skeptical and double check credentials.07 January 2021
Facebook’s Mandatory Data-Sharing Rules for WhatsApp Spark Ire
The messaging platform will update its privacy platform on Feb. 8 to integrate further with its parent company, prompting users to cry foul over privacy issues.
07 January 2021
Former VP with an ax to grind hacks company, disrupts PPE supply, earns jail term
The sabotage of electronic records led to delays in shipping critical PPE during the COVID-19 pandemic.07 January 2021
Disgruntled former VP hacks company, disrupts PPE supply, earns jail term
The sabotage of electronic records led to delays in shipping critical PPE during the COVID-19 pandemic.07 January 2021
North Korean hackers launch RokRat Trojan in campaigns against the South
A VBA self decoding technique is being used to hide the malware on impacted systems.07 January 2021
JetBrains denies being the origin point of the SolarWinds hack
JetBrains denies confusing reports from the New York Times and Wall Street Journal portraying it as the origin point of the SolarWinds hack, which was later used to attack thousands of companies worldwide.06 January 2021
JetBrains denies being involved in SolarWinds hack
JetBrains denies reports that is being under investigation and somehow related to the SolarWinds breach.06 January 2021
Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic
In the past two months alone, attacks against the sector soared 45% - more than double the rate of other sectors, Check Point says.06 January 2021
NSA Urges SysAdmins to Replace Obsolete TLS Protocols
The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols.
06 January 2021
Nissan Source Code Leaked via Misconfigured Git Server
Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets.06 January 2021
It’s Not the Trump Sex Tape, It’s a RAT
Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.
06 January 2021
DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks
Three percent of email accounts were breached, the Department of Justice reports.06 January 2021
Feds Issue Recommendations for Maritime Cybersecurity
Report outlines deep cybersecurity challenges for the public/private seagoing sector.
06 January 2021