Lohrman on Security

MARCH 28, 2021

Technology 361

Technology 361

We Live Security

MARCH 31, 2021

From losing cherished memories to missing deadlines, the impact of not having backups when a data disaster strikes can hardly be overstated. The post Are you prepared to prevent data loss? appeared first on WeLiveSecurity.

Backups 145

Backups 145

Graham Cluley

MARCH 28, 2021

Insurance firm CNA Hardy says that it has suffered a “sophisticated cybersecurity attack” that has impacted its operations, including its email system. According to a statement posted on the firm’s website, CNA determined it had fallen foul of hackers on March 21: “Out of an abundance of caution, we have disconnected our systems from our … Continue reading "Cyber insurance giant CNA hit by ransomware attack".

Cyber Insurance 137

Cyber Insurance Insurance Ransomware Cybersecurity 137

Troy Hunt

MARCH 31, 2021

If you've landed on this page because you saw a strange message on a completely different website then followed a link to here, drop a note to the site owner and let them know what happened. If, on the other hand, you're on this page because you're interested in reading about the illicit use of cryptomining on compromised websites and how through fortuitous circumstances, I now own coinhive.com and am doing something useful with it, read on.

Technology 363

Technology Mobile Internet Internet 363

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t me. The Shadowserver Foundation , a nonprofit that helps network owners identify and fix security threats , says it has found 21,248 different Exchange servers which appear to be compromised by a backdoor and communicating with brian

Hacking 357

Hacking Cybercrime DNS Antivirus 357

Schneier on Security

APRIL 1, 2021

A mafia fugitive hiding out in the Dominican Republic was arrested when investigators found his YouTube cooking channel and identified him by his distinctive arm tattoos.

315

315

Tech Republic Security

MARCH 30, 2021

One way to get C-level managers and cybersecurity department heads on the same page is to employ cyber risk quantification, as it speaks to costs versus risks.

Cyber Risk 214

Cyber Risk Risk Cybersecurity 214

Krebs on Security

APRIL 1, 2021

Dear Readers, this has been long overdue, but at last I give you a more responsive, mobile-friendly version of KrebsOnSecurity. We tried to keep the visual changes to a minimum and focus on a simple theme that presents information in a straightforward, easy-to-read format. Please bear with us over the next few days as we hunt down the gremlins in the gears.

Mobile 281

Mobile Advertising 281

Schneier on Security

MARCH 30, 2021

Researchers have discovered a new Android app called “System Update” that is a sophisticated Remote-Access Trojan (RAT). From a news article : The broad range of data that this sneaky little bastard is capable of stealing is pretty horrifying. It includes: instant messenger messages and database files; call logs and phone contacts; Whatsapp messages and databases; pictures and videos; all of your text messages; and information on pretty much everything else that is on your phone (it

Malware 306

Malware Manufacturing Encryption Government 306

Troy Hunt

APRIL 2, 2021

As soon as I started watching this video back, I remembered why I don't do daylight mode in these any more. It's just so. boring. That said, I've got a bunch of stuff in the pipeline to enhance the room design and lighting as I think there's still plenty of room for improvement, stay tuned for that one. For now though, a lot of this week's video is about the Ubiquiti situation and I'm very candid about my feelings on that one.

Password Management 210

Password Management Passwords Hacking Software 210

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Tech Republic Security

MARCH 30, 2021

KODA advising CTO John Suit discusses the skills and languages that are important for developers who want to build software and systems for modern robots.

Software 204

Software 204

Krebs on Security

MARCH 30, 2021

On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider

Accountability 280

Accountability IoT Passwords Firmware 280

Schneier on Security

APRIL 2, 2021

News article : Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.) While the report doesn’t mention which forum they were posted on (that certainly would’ve been helpful), it does say that these offerings have popped up a number of times.

Software 211

Software Malware Antivirus Advertising 211

The Last Watchdog

MARCH 31, 2021

The start of 2021 brings forth a cyber security crossroads. Many people are in the process of shifting back into office operations while balancing the potential risks and benefits of remote work. Related: Breaches spike during pandemic. For some malicious hackers and IT experts, this could represent an opening. From the known compromise vectors to the most recent threats, hackers are constantly on the lookout for new strategies to bypass IT notice, out maneuver defense setups, and take advantage

Cybersecurity 149

Cybersecurity Architecture Authentication Malware 149

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Tech Republic Security

MARCH 31, 2021

Most of the recent credential phishing attacks seen by Menlo Security served phony Outlook and Office 365 login pages.

Phishing 203

Phishing 203

Malwarebytes

APRIL 1, 2021

A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images and video, rifle through online searches, record phone calls and video, and peer into GPS location data—but the infrastructure behind the malware obscures its developer’s primary motivations. First spotted by the research team at Zimperium zLabs , the newly found malware is already detected by Malwarebytes for Android.

Malware 145

Malware Spyware Advertising Surveillance 145

The Hacker News

MARCH 31, 2021

Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan.

Malware 145

Malware Cybersecurity 145

Graham Cluley

MARCH 31, 2021

When an unintelligible tweet was made by the US Strategic Command's Twitter account, it's understandable that some folks might imagine a password was accidentally published to the world, or that perhaps the account had been compromised, or. gulp! that it might be a US nuclear launch code.

Passwords 145

Passwords Accountability 145

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Tech Republic Security

MARCH 29, 2021

New Linux admins need to know how to give and take sudo privileges from users. Jack Wallen shows you how on both Ubuntu- and Red Hat-based Linux distributions.

197

197

SecureList

MARCH 30, 2021

Why is the campaign called A41APT? In 2019, we observed an APT campaign targeting multiple industries, including the Japanese manufacturing industry and its overseas operations, that was designed to steal information. We named the campaign A41APT (not APT41) which is derived from the host name “DESKTOP-A41UVJV” from the attacker’s system used in the initial infection.

Malware 145

Malware Encryption VPN Technology 145

Malwarebytes

MARCH 29, 2021

Suppose that, out of the blue, a Steam user tells you they’ve accidentally reported you for something you didn’t do, like making an illegal purchase, and that your Steam account is going to be suspended. They ask you to message a Steam admin, whose profile they kindly provide, to help you sort out this dilemma. What do you do? There are some scams on Steam which have stood the test of time.

Scams 145

Scams Accountability Social Engineering Passwords 145

Bleeping Computer

MARCH 29, 2021

In the latest software supply chain attack, the official PHP Git repository was hacked and tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their git.php.net server. The threat actors had signed off on these commits as if they were made by known PHP developers. [.].

Hacking 145

Hacking Software 145

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Tech Republic Security

MARCH 31, 2021

Malware is being hidden in seemingly legitimate files that gamers download to install cheat codes or modifications, says Cisco Talos.

Malware 194

Malware 194

The Hacker News

APRIL 1, 2021

A North Korean government-backed campaign targeting cybersecurity researchers with malware has re-emerged with new tactics in their arsenal as part of a fresh social engineering attack.

Social Engineering 145

Social Engineering Cybersecurity Media Engineering 145

Hot for Security

MARCH 30, 2021

Australia’s Channel 9 network disrupted by cybercriminals Staff told to work from home as station attempts to recover from attack. Live broadcasts from Australia’s Channel 9 TV network were disrupted this weekend following what is believed to have been a cyber attack. As Channel Nine’s “Weekend Today” programme was scheduled to go live on air, the show’s presenters were forced to turn to Twitter to explain their absence.

Cyber Attacks 145

Cyber Attacks Encryption Government Ransomware 145

Bleeping Computer

MARCH 27, 2021

A Windows hacker has found a never-before-seen Easter egg in the Windows 95 Internet Mail application, twnty-five years after the software was released. [.].

Internet 145

Internet Internet Software 145

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Tech Republic Security

MARCH 30, 2021

Over the past six months, the number of organizations hurt by ransomware shot up by more than 50%, says Check Point Research.

Ransomware 179

Ransomware 179

We Live Security

APRIL 1, 2021

Does every device in your home really need to be connected to the internet? And could your smart appliance be turned against you? The post Is your dishwasher trying to kill you? appeared first on WeLiveSecurity.

Internet 145

Internet Internet 145

Security Affairs

MARCH 30, 2021

Linux kernel recently fixed a couple of vulnerabilities that could allow an attacker to bypass mitigations designed to protect devices against Spectre attacks. Kernel updates released in March have addressed a couple of vulnerabilities that could be exploited by an attacker to bypass mitigations designed to protect devices against Spectre attacks. In January 2018, White hackers from Google Project Zero disclosed vulnerabilities , affecting all modern Intel CPUs, dubbed Meltdown (CVE-2017-57

Technology 145

Technology Malware Hacking Information Security 145

Bleeping Computer

APRIL 2, 2021

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits. [.].

Cybersecurity 145

Cybersecurity 145

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity