Cybersecurity News


Kmart, Latest Victim of Egregor Ransomware – Report

Kmart, Latest Victim of Egregor Ransomware – Report The struggling retailer's back-end services have been impacted, according to a report, just in time for the holidays.
03 December 2020

Common Container Manager Is Vulnerable to Dangerous Exploit

Container manager vulnerability is one of several weaknesses and vulnerabilities recently disclosed for Docker.
03 December 2020

Cloud Security Threats for 2021

Most of these issues can be remediated, but many users and administrators don't find out about them until it's too late.
03 December 2020

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions A new "TrickBoot" module scans for vulnerable firmware and has the ability to read, write and erase it on devices.
03 December 2020

Dell announces new protections for its PC and server supply chain

Dell to start using tamper-evident seals during physical transport and provide a software reset feature to wipe hard-drives before customer deployment.
03 December 2020

US Officials Take Action Against 2,300 Money Mules

Eight federal law enforcement agencies participated in the Money Mule Initiative, a global crackdown on money laundering.
03 December 2020

iPhone hack allowed device takeover via Wi‑Fi

Using a zero-click exploit, an attacker could have taken complete control of any iPhone within Wi-Fi range in seconds

The post iPhone hack allowed device takeover via Wi‑Fi appeared first on WeLiveSecurity

03 December 2020

Researchers Bypass Next-Generation Endpoint Protection

Machine learning-based products can be tricked to classify malware as a legitimate file, new findings show.
03 December 2020

DeathStalker APT Spices Things Up with PowerPepper Malware

DeathStalker APT Spices Things Up with PowerPepper Malware A raft of obfuscation techniques turn the heat up for the hacking-for-hire operation.
03 December 2020

Reverse Engineering Tools: Evaluating the True Cost

Reverse Engineering Tools: Evaluating the True Cost Breaking down the true cost of software tools in the context of reverse engineering and debugging may not be as clear-cut as it appears.
03 December 2020

Cyberattacks Target COVID-19 Vaccine ‘Cold-Chain’ Orgs

Cyberattacks Target COVID-19 Vaccine ‘Cold-Chain’ Orgs Cybercriminals try to steal the credentials of top companies associated with the COVID-19 vaccine supply chain in an espionage effort.
03 December 2020

As Modern Mobile Enables Remote Work, It Also Demands Security

As Modern Mobile Enables Remote Work, It Also Demands Security Smartphones, tablets, collaboration apps and other modern framework tools are critical to maintaining productivity remotely, but they also demand an integrated security strategy purpose-built for mobile devices. The coronavirus pandemic has completely upended the way we work, educate and socialize. Soon after the rapid onset of the virus, organizations were forced to fully adopt work-from-home […]
03 December 2020

From FUD to Fix: Why the CISO-Vendor Partnership Needs to Change Now

CISOs and their staffs are up against too many systems, screens, and alerts, with too few solutions to effectively address pain points.
03 December 2020

Clop Gang Makes Off with 2M Credit Cards from E-Land

Clop Gang Makes Off with 2M Credit Cards from E-Land The ransomware group pilfered payment-card data and credentials for over a year, before ending with an attack last month that shut down many of the South Korean retailer’s stores.
03 December 2020

Data of 243 million Brazilians exposed online via website source code

The password to access a highly sensitive Ministry of Health database was stored inside a government site's source code.
03 December 2020

Code42 Incydr Series: Honing in on High-Risk Users with Code42 Incydr

Code42 Incydr Series: Honing in on High-Risk Users with Code42 Incydr Incydr lets you monitor your high-risk users without impeding their ongoing work.
03 December 2020

Google Security Researcher Develops 'Zero-Click' Exploit for iOS Flaw

A new patched memory corruption vulnerability in Apple's AWDL protocol can be used to take over iOS devices that are in close proximity to an attacker.
03 December 2020

Google Play Apps Remain Vulnerable to High-Severity Flaw

Google Play Apps Remain Vulnerable to High-Severity Flaw Patches for a flaw (CVE-2020-8913) in the Google Play Core Library have not been implemented by several popular Google Play apps, including Cisco Teams and Edge.
03 December 2020

This phishing group is targeting COVID-19 vaccine supply chains

Clues indicate state-sponsored hackers may be to blame.
03 December 2020

Mysterious phishing campaign targets organizations in COVID-19 vaccine cold chain

Targets include EU directorates, companies making vaccine shipping containers, a website development firm linked to vaccine supply chains.
03 December 2020