Cybersecurity News
Accellion zero-day claims a new victim in cybersecurity company Qualys
A hotfix was applied, but not before some customer files may have been compromised.04 March 2021
CISA issues emergency directive to agencies: deal with Microsoft Exchange zero-days now
Patch now, or disconnect Microsoft Exchange services from the internet.04 March 2021
Maza Russian cybercriminal forum suffers data breach
Forums can be areas to swap illicit tools and data, but they can also be the targets of cyberattackers in their turn.04 March 2021
Cybersecurity risks and challenges facing the financial industry
A primer on various threats looming over financial companies and the steps that the organizations can take to counter them
The post Cybersecurity risks and challenges facing the financial industry appeared first on WeLiveSecurity
04 March 2021
Intel: More Than 90% of Our Vulnerabilities Found via Research
Internal research and external bug-bounty programs combined to discover the vast majority of reported security issues in the company's software.03 March 2021
More Details Emerge on the Microsoft Exchange Server Attacks
The attacks are more widespread than initially reported, researchers say, and a look at why the Microsoft Exchange Server zero-days patched this week are so dangerous.03 March 2021
Intel: Paid Research Caught More Than 90% of Our Vulnerabilities
Internal research and external bug-bounty programs combined to discover the vast majority of reported security issues in the company's software.03 March 2021
Okta to Buy Rival Auth0
The deal, valued at $6.5 billion, will bring together competitors in the identity management space.03 March 2021
Unpatched Bug in WiFi Mouse App Opens PCs to Attack
Wireless mouse-utility lacks proper authentication and opens Windows systems to attack.
03 March 2021
CISA to Federal Agencies: Immediately Patch or 'Disconnect' Microsoft Exchange Servers
The US Department of Homeland Security agency's new emergency directive comes in the wake of major zero-day attacks on email servers revealed by Microsoft this week.03 March 2021
Google Patches Actively-Exploited Flaw in Chrome Browser
A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users.
03 March 2021
Malaysia Air Downplays Frequent-Flyer Program Data Breach
A third-party IT provider exposed valuable airline data that experts say could be a goldmine for cybercriminals.
03 March 2021
Home-Office Photos: A Ripe Cyberattack Vector
Threat actors can use personal information gleaned from images to craft targeted scams, putting personal and corporate data at risk.
03 March 2021
RTM Cybergang Adds New Quoter Ransomware to Crime Spree
The Russian-speaking RTM threat group is targeting organizations in an ongoing campaign that leverages a well-known banking trojan, brand new ransomware strain and extortion tactics.
03 March 2021
Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow
Attackers have weaponized code dependency confusion to target internal apps at tech giants.
03 March 2021
How SolarWinds Busted Up Our Assumptions About Code Signing
With so much automation in code writing process, results are rarely double-checked, which opens the door to vulnerabilities and downright danger.03 March 2021
Microsoft Exchange Zero-Day Attackers Spy on U.S. Targets
Full dumps of email boxes, lateral movement and backdoors characterize sophisticated attacks by a Chinese APT - while more incidents spread like wildfire.
03 March 2021
Design, Security, Tech Is the New Stack You Should Be Building
Instead of different departments managing information systems, Ally Financial has combined data, digitization, security, and design into a single "stack" of human resources.03 March 2021
Ursnif Trojan has targeted over 100 Italian banks
1,700 credentials were stolen from a single payment processor.03 March 2021
Microsoft account hijack vulnerability earns bug bounty hunter $50,000
The researcher says he could have abused the bug to hijack Microsoft accounts.03 March 2021