0 Comments
Authorities step in to thwart attacks leveraging the recently-disclosed Microsoft Exchange Server vulnerabilities The United States’ Federal Bureau of Investigation (FBI) has carried out a court-approved operation to “copy and remove” malicious web shells from hundreds of systems across the US that were compromised through the mass exploitation of zero-day flaws in Microsoft Exchange Server
0 Comments
Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems. The issues were discovered by Positive Security researchers Fabian Bräunlein and Lukas Euler and affect apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark, and Mumble. “Desktop applications which pass
0 Comments
Thycotic and Centrify have completed their previously-announced merger, and are now operating under the temporary name of ThycoticCentrify, it has been announced. The two cybersecurity firms have joined together to form a single cloud identity security vendor, pooling their respective expertise and tools in the area of privileged access management (PAM). The announcement comes amid
0 Comments
One of the biggest consequences of the rapidly evolving cybersecurity threat landscape is that defenses must constantly build bigger systems to defend themselves. This leads to both more complex systems and often less communication between them. More importantly, it can lead companies to invest in disparate “best in class” components instead of finding the best
0 Comments
Let’s Make Security Easy I’ve been hearing a lot lately about tech and information overload, which is understandable given that the average U.S. household now has access to more than ten devices. (No wonder we are all spending more time online!) While technology allows us to be incredibly productive and connected, it can make our
0 Comments
Cyber-attacks against global financial institutions are increasingly characterized by attempts to counter incident response, with destructive efforts surging 118% over the past year, according to VMware. The tech giant’s Modern Bank Heists 4.0 report was compiled from interviews with over 120 CISOs and security leaders from some of the world’s biggest banks. It revealed that
0 Comments
The SolarWinds attack, which succeeded by utilizing the sunburst malware, shocked the cyber-security industry. This attack achieved persistence and was able to evade internal systems long enough to gain access to the source code of the victim. Because of the far-reaching SolarWinds deployments, the perpetrators were also able to infiltrate many other organizations, looking for
0 Comments
The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: April 2021. In this edition, we present new findings in our traditional threat statistical categories – as well as our usual malware, sectors, and vectors – imparted in a new, enhanced digital presentation that’s more easily consumed and interpreted. Historically, our reports
0 Comments
The British public are still woefully underinformed and unaware of the security benefits of multi-factor authentication (MFA), a new study from the FIDO Alliance has revealed. The industry association, founded in 2012 to promote authentication standards and reduce global reliance on passwords, recently polled over 4000 consumers in the UK, France, Germany and the US.
0 Comments
Some personal information just doesn’t age – here’s what the Facebook data leak may mean for you ‘Half a billion Facebook users’ data breached’, this or something very similar is a headline you may have seen in the media in recent days. Any data breach, especially one that affects such a large quantity of users,
0 Comments
Social media giant Facebook has removed thousands of groups from its platforms over the trading of fake and misleading reviews. The cull occurred after two separate interventions by Britain’s competition watchdog, the Competition and Markets Authority (CMA). In January 2020, Facebook committed to improving its identification, investigation, and removal of groups and other pages where
0 Comments
APKPure, one of the largest alternative app stores outside of the Google Play Store, was infected with malware this week, allowing threat actors to distribute Trojans to Android devices. In an incident that’s similar to that of German telecommunications equipment manufacturer Gigaset, the APKPure client version 3.17.18 is said to have been tampered with in
0 Comments
Surging levels of fraud and financial crime during the pandemic threaten to overwhelm banking teams working from home with disjointed internal systems, according to new research from FICO. The predictive analytics company commissioned Omdia to poll 110 senior executives supporting financial crime-fighting efforts in banks across the US, UK, Brazil, Germany, the Nordics and Canada. In
0 Comments
ESET researchers discover a new Lazarus backdoor deployed against a freight logistics firm in South Africa ESET researchers have discovered a previously undocumented Lazarus backdoor used to attack a freight logistics company in South Africa, which they have dubbed Vyveva. The backdoor consists of multiple components and communicates with its C&C server via the Tor