Cybersecurity News
New Normal Demands New Security Leadership Structure
At the inaugural Omdia Analyst Summit, experts discuss where the past year has created gaps in traditional security strategy and how organizations can fill them.Multiple Zero-Day Flaws Discovered in Popular Hospital Pneumatic Tube System
"PwnedPiper" flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows.Ransomware operators love them: Key trends in the Initial Access Broker space
In a threat actor's mind, take out the legwork, reap the proceeds of blackmail.On course for a good hacking
A story of how easily hackers could hit a hole-in-one with the computer network of a premier golf club in the UK.
The post On course for a good hacking appeared first on WeLiveSecurity
NSA Warns Public Networks are Hacker Hotbeds

Transition to Version 1.1 for New Secure SLC and Secure Software Submissions
With the release of the Secure Software Lifecycle (“Secure SLC”) Standard v1.1 in February 2021 and the Secure Software Standard v1.1 in April 2021, updated versions of the associated reporting templates and attestation forms were also made available in the Document Library.
Novel Meteor Wiper Used in Attack that Crippled Iranian Train System

Week in security with Tony Anscombe
With vacations in full swing, cybercriminals will be looking to scam vacationers looking for that perfect accommodation. Learn to identify these scams. Most people are fans of the convenience provided by online shopping, but some criminals uses this to lure clients into Amazon scams. Learn to detect these. Now that organizations are set to evolve a
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Watch out for these scams, targeting Amazon’s customers
Most people are fans of the convenience Amazon brings to online shopping, and that’s precisely what cybercriminals are betting on.
The post Watch out for these scams, targeting Amazon’s customers appeared first on WeLiveSecurity
UC San Diego Health Breach Tied to Phishing Attack

CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer

Leading cybersecurity agencies reveal list of most exploited vulnerabilities of the past 2 years
There are 30 vulnerabilities listed in total; organizations would do well to patch their systems if they haven’t done so yet
The post Leading cybersecurity agencies reveal list of most exploited vulnerabilities of the past 2 years appeared first on WeLiveSecurity
Israeli Government Agencies Visit NSO Group Offices

The Life Cycle of a Breached Database
Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. Here's a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database. Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. One might even say passwords are the fossil fuels powering most IT modernization: They're ubiquitous because they are cheap and easy to use, but that means they also come with significant trade-offs -- such as polluting the Internet with weaponized data when they're leaked or stolen en masse.Six Malicious Linux Shell Scripts Used to Evade Defenses and How to Stop Them

Tackling the insider threat to the new hybrid workplace
Now that organizations are set to evolve a hybrid blend of home and office-based work for most employees, it is more important then ever to address the risks that insider threat can - willingly or unwitingly - pose.
The post Tackling the insider threat to the new hybrid workplace appeared first on WeLiveSecurity
Most Twitter users haven’t enabled 2FA yet, report reveals
Twitter’s transparency report revealed that users aren’t quick to adopt 2FA and once they do enable it, they choose the least secure option
The post Most Twitter users haven’t enabled 2FA yet, report reveals appeared first on WeLiveSecurity
8 Security Tools to be Unveiled at Black Hat USA

BlackMatter & Haron: Evil Ransomware Newborns or Rebirths

Reboot of PunkSpider Tool at DEF CON Stirs Debate
