Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple
Ethical hacker Alex Birsan developed a way to inject malicious code into open-source developer tools to exploit dependencies in organizations internal applications. https://threatpost.com/supply-chain-hack-paypal-microsoft-apple/163814/ […]
Researchers discover new malware from Chinese hacking group
Researchers have discovered new “highly malleable, highly sophisticated” malware from a state-backed Chinese hacker group, according to Palo Alto Network’s Unit 42 threat intelligence team. […]
Plex Media SSDP (PMSSDP) Reflection/Amplification DDoS Attack Mitigation Recommendations
ASERT Threat Summary Date/Time: February 7, 2020 2200UTC Severity: Warning Distribution: TLP: WHITE Categories: Availability Contributors: Ben Crowther, Ion Schiopu, Jon Belanger, Chris Conrad, Andrew Bartholomew. Changes for Version 1.2 (February 7, […]
Do you understand what Schrems II means for your business?
Since the Schrems II case ruling, there has been a concerning lack of understanding across the board among C-level executives who have misconceptions about the […]
Billions of Passwords Offered for $2 in Cyber-Underground
About 3.27 billion stolen account logins have been posted to the RaidForums English-language cybercrime community in a ‘COMB’ collection. https://threatpost.com/billions-passwords-cyber-underground/163738/ […]
Top 5 Bug Bounty Programs to Watch in 2021
While Gartner does not have a dedicated Magic Quadrant for Bug Bounties or Crowd Security Testing yet, Gartner Peer Insights already lists 24 vendors in […]
Over 3 billion emails and passwords hacked in possibly the largest breach ever
Hacker harvest 2021 has begun. According to CyberNews, 3.27 billion unique pairs of emails and passwords were leaked on a popular hacking forum, aggregating past […]
Critical Cisco Flaws Open VPN Routers Up to RCE Attacks
The vulnerabilities exist in Cisco’s RV160, RV160W, RV260, RV260P, and RV260W VPN routers for small businesses. Mit dem Laden des Tweets akzeptieren Sie die Datenschutzerklärung […]
Highlights of the Cybersecurity Standardisation Conference
The 2021 edition of the Conference presented the developments and upcoming challenges in European standardisation under the Cybersecurity Act. The European Standards Organisations, CEN, CENELEC […]
Ransomware Newcomers Include Pay2Key, RansomEXX, Everest
Maze May Have Exited, But Fresh Gangs Arrive Bearing Dedicated Data-Leaking Sites https://www.bankinfosecurity.co.uk/ransomware-newcomers-include-pay2key-ransomexx-everest-a-15908 […]
3 New Severe Security Vulnerabilities Found In SolarWinds Software
Cybersecurity researchers on Wednesday disclosed three severe security vulnerabilities impacting SolarWinds products, the most severe of which could have been exploited to achieve remote code […]
Zero-day vulnerability in SonicWall products actively exploited in the wild
The warning comes following a cyber-attack on the network security company last month A zero-day vulnerability in SonicWall enterprise security products is being actively exploited […]
So, What’s So Special About the Newest Ransomware?
We were just a few days into the new year. We had hoped that this year will definitely be our year. We had hoped that […]
Android Gets Its New Malware for the Year
Not a day goes by without a piece of malware news. Today is no exception. A new family of Android ransomware has been revealed by […]
5G Cybersecurity (Preliminary Draft)
Announcement NIST’s National Cybersecurity Center of Excellence (NCCoE) has posted for comment a preliminary draft—the first of three volumes of an upcoming practice guide on 5G cybersecurity. […]
World’s most dangerous malware EMOTET disrupted through global action
Law enforcement and judicial authorities worldwide have this week disrupted one of most significant botnets of the past decade: EMOTET. Investigators have now taken control […]