Port 22

Big Tech Cant Ban Its Way Out of This
January 16, 2021

Platforms are scrambling to avoid being used by right-wing extremists targeting the inauguration. But the seeds of this crisis were sown long ago.

WhatsApp Delays Controversial 'Data-Sharing' Privacy Policy Update By 3 Months
January 16, 2021

WhatsApp said on Friday that it wouldn’t enforce its recently announcedcontroversial data sharing policyupdateuntil May 15. Originally set to go into effect next month on February 8, the three-month delay comes following “a lot of misinformation” about a revision to its privacy policy that allows WhatsApp to share data with Facebook, sparking widespread concerns about the exact kind of

NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS' Resolvers
January 15, 2021

The U.S. National Security Agency (NSA) on Friday said DNS over HTTPS (DoH) if configured appropriately in enterprise environments can help prevent “numerous” initial access, command-and-control, and exfiltration techniques used by threat actors. “DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests by

Joker's Stash, The Largest Carding Marketplace, Announces Shutdown
January 15, 2021

Joker’s Stash, the largest dark web marketplace notorious for selling compromised payment card data, has announced plans to shut down its operations on February 15, 2021. In a message board post on a Russian-language underground cybercrime forum, the operator of the site who goes by the name “JokerStash” said “it’s time for us to leave forever” and that “we will never ever open again,“

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks
January 15, 2021

Cybersecurity researchers havediscloseda series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware including a previously undocumented backdoor. Attributing the campaign toWinnti(or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A

Experts Uncover Malware Attacks Against Colombian Government and Companies
January 14, 2021

Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks dubbed “Operation Spalax” began in 2020, with the modus operandi sharing some similarities to an APT

Intel Adds Hardware-Enabled Ransomware Detection to 11th Gen vPro Chips
January 13, 2021

Intel and Cybereason have partnered to build anti-ransomware defenses into the chipmaker’s newly announced 11th generation CorevProbusiness-class processors. The hardware-based security enhancements are baked into Intel’s vPro platform via itsHardware ShieldandThreat Detection Technology(TDT), enabling profiling and detection of ransomware and other threats that have an impact on the CPU

Microsoft Patch Tuesday, January 2021 Edition
January 13, 2021

Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. Ten of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by malware or miscreants to seize remote control over unpatched systems with little or no interaction from Windows users.

Buyer's Guide for Securing Internal Environment with a Small Cybersecurity Team
January 13, 2021

Ensuring the cybersecurity of your internal environment when you have a small security team is challenging. If you want to maintain the highest security level with a small team, your strategy has to be ‘do more with less,’ and with the right technology, you can leverage your team and protect your internal environment from breaches. The “buyer’s guide for securing the internal environment with a

Authorities Take Down World's Largest Illegal Dark Web Marketplace
January 12, 2021

Europol on Tuesday said it shut down DarkMarket, the world’s largest online marketplace for illicit goods, as part of aninternational operationinvolving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.‘s National Crime Agency (NCA), and the U.S. Federal Bureau of Investigation (FBI). At the time of closure, DarkMarket is believed to have had 500,000 users and more than 2,400 vendors,

Hackers Steal Mimecast Certificate Used to Securely Connect with Microsoft 365
January 12, 2021

Mimecast said on Tuesday that “a sophisticated threat actor” had compromised a digital certificate it provided to certain customers to securely connect its products to Microsoft 365 (M365) Exchange. The discovery was made after the breach was notified by Microsoft, the London-based companysaid in an alertposted on its website, adding it’s reached out to the impacted organizations to remediate

Microsoft Issues Patches for Defender Zero-Day and 82 Other Windows Flaws
January 12, 2021

For the first patch Tuesday of 2021, Microsoft releasedsecurity updatesaddressing a total of 83 flaws spanning as many as 11 products and services, including an actively exploited zero-day vulnerability. The latest security patches cover Microsoft Windows, Edge browser, ChakraCore, Office and Microsoft Office Services, and Web Apps, Visual Studio, Microsoft Malware Protection Engine, .NET Core

SolarWinds: What Hit Us Could Hit Others
January 12, 2021

New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company’s software development pipeline could be repurposed against many other major software providers.

Page 1 of 91 Older Posts →