Security News

Filter by:

FontOnLake: Previously unknown malware family targeting Linux

ESET researchers discover a malware family with tools that show signs they’re used in targeted attacks
ZDnet 12 Oct 2021 846 Views

GitHub revokes duplicate SSH auth keys linked to library bug

GitHub has revoked weak SSH authentication keys generated using a library that incorrectly created duplicate RSA keypairs.
ZDnet 12 Oct 2021 779 Views

Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors

DEV-0343 is a new activity cluster that the Microsoft Threat Intelligence Center (MSTIC) first observed and began tracking in late July 2021. MSTIC has observed DEV-0343 conducting extensive password spraying against more than 250 Office 365 tenants, with a focus...
ZDnet 12 Oct 2021 674 Views

4 Key Questions for Zero-Trust Success

Anurag Kahol, CTO & co-founder at Bitglass, offers tips for avoiding implementation pitfalls for zero trust.
Threatpost 8 Oct 2021 675 Views

No honor among thieves: One in five targets of FIN12 hacking group is in healthcare

The group strikes big game targets with annual revenues of over $6 billion.
ZDnet 8 Oct 2021 729 Views

Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services

Cybersecurity researchers on Monday discovered misconfigurations across older versions of Apache Airflow instances belonging to a number of high-profile companies across various sectors, resulting in the exposure of sensitive credentials for popular platforms and services such as Amazon Web Services (AWS), Binance, Google Cloud...
The Hacker News 8 Oct 2021 14226 Views

Ransomware: Cyber criminals are still exploiting these old vulnerabilities, so patch now

Years-old security vulnerabilities remain a common attack method for ransomware attacks because organisations aren't applying the patches to fix them.
ZDnet 8 Oct 2021 643 Views

Singapore tweaks cybersecurity strategy with OT emphasis

Five years after the country introduced its cybersecurity strategy, Singapore unveils a revised national plan that aims to assume a more proactive stance in addressing threats and drive its cybersecurity posture, including a new operational technology competency framework.
ZDnet 8 Oct 2021 645 Views

VMware ESXi Servers Encrypted by Lightning-Fast Python Script

The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption.
Threatpost 7 Oct 2021 779 Views

Google to auto-enroll 150 million user accounts into 2FA

Google announced today that they plan on auto-enrolling 150 million accounts into two-factor authentication by the end of 2021.
BleepingComputer 6 Oct 2021 824 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY