Cybersecurity News


FBI hacks vulnerable US computers to fix malicious malware

FBI hacks vulnerable US computers to fix malicious malware

US justice department says bureau hacked devices to remove malware from insecure software

The FBI has been hacking into the computers of US companies running insecure versions of Microsoft software in order to fix them, the US Department of Justice has announced.

The operation, approved by a federal court, involved the FBI hacking into “hundreds” of vulnerable computers to remove malware placed there by an earlier malicious hacking campaign, which Microsoft blamed on a Chinese hacking group known as Hafnium.

Related: Documents reveal FBI head defended encryption for WhatsApp before becoming fierce critic

Continue reading...
14 April 2021

Test-DEU-169665

President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.
14 April 2021

Privacy

Privacy is more than just settings in your social media account or using the Tor Browser. Your data and actions are collected in a variety of ways. The more aware you are of just how much of your data is collected, the better you can protect it.
14 April 2021

Microsoft Patch Tuesday, April 2021 Edition

Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products. The patches include four security fixes for Microsoft Exchange Server -- the same systems that have been besieged by attacks on four separate (and zero-day) bugs in the email software over the past month. Redmond also patched a Windows flaw that is actively being exploited in the wild.
13 April 2021

DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack

Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products.
13 April 2021

NSA Alerted Microsoft to New Exchange Server Vulnerabilities

Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day.
13 April 2021

Compromised Microsoft Exchange Server Used to Host Cryptominer

Researchers say an unknown attacker is targeting vulnerable Exchange Servers with a payload hosted on a compromised Exchange Server.
13 April 2021

How the NAME:WRECK Bugs Impact Consumers, Businesses

How the NAME:WRECK Bugs Impact Consumers, Businesses How this class of vulnerabilities will impact millions connected devices and potentially wreck the day of IT security professionals.
13 April 2021

Global Dwell Time Drops as Ransomware Attacks Accelerate

The length of time attackers remain undiscovered in a target network has fallen to 24 days, researchers report, but ransomware plays a role.
13 April 2021

COVID-Related Threats, PowerShell Attacks Lead Malware Surge

COVID-Related Threats, PowerShell Attacks Lead Malware Surge Researchers measured 648 new malware threats every minute during Q4 2020.  
13 April 2021

Dark Reading to Upgrade Site Design, Performance

Improvements will make site content easier to navigate, faster, and more functional.
13 April 2021

Tax Phish Swims Past Google Workspace Email Security

Tax Phish Swims Past Google Workspace Email Security Crooks are looking to harvest email credentials with a savvy campaign that uses the Typeform service to host the phishing page.
13 April 2021

5 Objectives for Establishing an API-First Security Strategy

With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever.
13 April 2021

Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop

Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines.
13 April 2021

WhatsApp flaw lets anyone lock you out of your account

An attacker can lock you out of the app using just your phone number and without requiring any action on your part

The post WhatsApp flaw lets anyone lock you out of your account appeared first on WeLiveSecurity

13 April 2021

Clear & Present Danger: Data Hoarding Undermines Better Security

Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.
13 April 2021

Chrome Zero-Day Exploit Posted on Twitter

Chrome Zero-Day Exploit Posted on Twitter An update to Google’s browser that fixes the flaw is expected to be released on Tuesday.
13 April 2021

Recording Conference Calls

When hosting or attending conference calls, only record the call if you have prior permission, a work related need to record the call, and you make sure everyone on the call knows it will be recorded.
13 April 2021

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that's popular in North America. The stolen data includes customer email addresses, phone numbers, license plate numbers, hashed passwords and mailing addresses.
12 April 2021

Biden Nominates Former NSA Officials for Top Cybersecurity Roles

President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.
12 April 2021