Threat Level as of JANUARY 2021

For JANUARY 2021, the Cyber Threat Alert Level has been evaluated and, because of the COVID-19 pandemic, has remained at the "GUARDED" security level.

Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense is user awareness training on the threats posed by attachments and hypertext links contained in emails, especially from untrusted sources.

"Knowledge about your enemies will help you win. Thus, treat threat intelligence with the respect it deserves and use it to protect your organization from all the relevant adversaries."

- How to Collect, Refine, Utilize and Create Threat Intelligence, October 2016, Gartner

Are you living in a SMART HOME?

SMART HOMES based on the IoT (Internet of Things: Amazon Alexa, Google Siri, Ring Doorbell, etc.) provide comfort and convenient management of our complicated lives. However, SMART HOMES are also the largest threat to our privacy and a risk of identity theft.

RSS Threats with IoTs

RSS IoT For All

  • The World of AI: How It Works & What It Does April 9, 2021
    From machine learning to deep learning, catch up on the world of artificial intelligence and how it will be used in the future.
  • Survey Drones: Rethinking the Construction Industry April 9, 2021
    IoT-enabled Survey Drones are creating new opportunities for enhanced monitoring and processes in the construction industry.
  • 5 Strategies for Running a Successful IoT Project April 9, 2021
    Discover the top 5 strategies for running a successful IoT project.
  • Future Role of Artificial Intelligence in Logistics and Transportation April 8, 2021
    AI-powered systems will enable better customer experiences, improved fleet management, and better overall business margins in the transportation sector.
  • Here’s Why The Public Cloud Is Changing Innovation April 8, 2021
    Today, we are living in the golden age of innovation due to the great technological computing resources available in the public cloud.

NIST National Vulnerability Database

Search the NIST database for a known vulnerability now ---

RSS National Vulnerability Database

  • CVE-2021-20691 (yomi-search) April 7, 2021
    Cross-site scripting vulnerability in Yomi-Search Ver4.22 allows remote attackers to inject an arbitrary script via unspecified vectors.
  • CVE-2021-20690 (yomi-search) April 7, 2021
    Cross-site scripting vulnerability in Yomi-Search Ver4.22 allows remote attackers to inject an arbitrary script via unspecified vectors.
  • CVE-2021-20687 (kagemai) April 7, 2021
    Cross-site request forgery (CSRF) vulnerability in Kagemai 0.8.8 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
  • CVE-2021-20689 (yomi-search) April 7, 2021
    Cross-site scripting vulnerability in Yomi-Search Ver4.22 allows remote attackers to inject an arbitrary script via unspecified vectors.
  • CVE-2021-20685 (kagemai) April 7, 2021
    Cross-site scripting vulnerability in Kagemai 0.8.8 allows remote attackers to inject an arbitrary script via unspecified vectors.
  • CVE-2021-20686 (kagemai) April 7, 2021
    Cross-site scripting vulnerability in Kagemai 0.8.8 allows remote attackers to inject an arbitrary script via unspecified vectors.
  • CVE-2020-13421 (openiam) April 6, 2021
    OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions.
  • CVE-2020-13420 (openiam) April 6, 2021
    OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script.
  • CVE-2020-13422 (openiam) April 6, 2021
    OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/* administrative actions.
  • CVE-2020-13419 (openiam) April 6, 2021
    OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task.

RSS National Vulnerability Database

  • CVE-2021-20020 April 10, 2021
    A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
  • CVE-2021-30480 April 9, 2021
    Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat software, which is different from the chat feature […]
  • CVE-2021-21195 April 9, 2021
    Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
  • CVE-2021-21196 April 9, 2021
    Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
  • CVE-2021-21197 April 9, 2021
    Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
  • CVE-2021-21198 April 9, 2021
    Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
  • CVE-2021-21194 April 9, 2021
    Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
  • CVE-2021-21199 April 9, 2021
    Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
  • CVE-2021-25373 April 9, 2021
    Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
  • CVE-2021-25374 April 9, 2021
    An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.

RSS Tenable Product Security Advisories

  • [R1] Nessus Agent 8.2.4 Fixes Multiple Vulnerabilities April 7, 2021
    Nessus Agent leverages third-party software to help provide underlying functionality. Two separate third-party components (OpenSSL and sqlite) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of these […]
  • [R1] Nessus 8.14.0 Fixes One Vulnerability April 5, 2021
    Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
  • [R1] Tenable.sc 5.18.0 Fixes One Third-party Vulnerability March 31, 2021
    Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled OpenSSL components to address the potential impact of these issues. […]
  • [R1] Nessus 8.13.2 Fixes Multiple Third-party Vulnerabilities March 31, 2021
    Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled OpenSSL components to address the potential impact of these issues. […]
  • [R1] Nessus Agent 8.2.3 Fixes Multiple Vulnerabilities March 17, 2021
    Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token. Additionally, one third-party component (OpenSSL) was found to contain vulnerabilities, and […]
  • [R2] Stand-alone Security Patches Available for Tenable.sc versions 5.13.0 to 5.17.0 March 1, 2021
    Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization. Additionally, one third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. […]
  • [R1] Nessus Network Monitor 5.13.0 Fixes One Third-party Vulnerability February 16, 2021
    Nessus Network Monitor leverages third-party software to help provide underlying functionality. One of the third-party components (jQuery) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled jQuery components to address the potential impact of […]
  • [R1] Nessus AMI 8.13.1 Fixes One Vulnerability February 2, 2021
    Nessus AMI versions 8.12.0 and earlier were found to either not validate, or incorrectly validate, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack.
  • [R1] Tenable.sc 5.17.0 Fixes Multiple Vulnerabilities December 21, 2020
    Tenable.sc leverages third-party software to help provide underlying functionality. Two separate third-party components (jQuery and OpenSSL) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of these issues. […]
  • [R1] Nessus 8.13.1 Fixes Multiple Vulnerabilities December 17, 2020
    Nessus leverages third-party software to help provide underlying functionality. One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of these issues. Nessus version 8.13.1 […]

RSS The State of Security

  • Digging Into the Third Zero-Day Chrome Flaw of 2021 April 9, 2021
    Hidden deep in Google’s release notes for the new version of Chrome that shipped on March 1 is a fix for an “object lifecycle issue.” Or, for the less technically inclined, a major bug. Bugs like these have been common in Chrome, leading some to wonder whether the world’s most popular web browser is as […]
  • Integrity: How It’s More than Just Data Security and FIM April 8, 2021
    Integrity is a word thrown around a lot in the cybersecurity space. That’s not surprising. It is one of the three components that make up the CIA Triad, after all. However, the meaning and use of the word has been relatively limited in many security circles up until now. Let’s take a look at the […]
  • A new headache for ransomware-hit companies. Extortionists emailing your customers April 7, 2021
    Cybercriminal extortionists have adopted a new tactic to apply even more pressure on their corporate victims: contacting the victims’ customers, and asking them to demand a ransom is paid to protect their own privacy. At the end of March, Bleeping Computer reported that the Clop ransomware gang had not stopped at threatening hacked companies and […]
  • Managing Your Assets with Tripwire Enterprise April 7, 2021
    Asset management is a tricky subject. In many cases, organizations have no idea about how many assets they have, let alone where they are all located.  Fortunately, there are tools that can assist with reaching your asset management goals. While Tripwire Enterprise (TE) is great for detecting unauthorized changes on your system and also for ensuring your […]
  • 3 Best Practices for Building Secure Container Images April 6, 2021
    Organizations are increasingly turning to containers to fuel their digital transformations. According to BMC, a 2019 survey found that more than 87% of respondents were running containers—up from 55% just two years earlier. Additionally, 90% of survey participants that were running applications in containers were doing so in production. That was up from 84% in […]
  • Industrial IoT Needs to Catch Up to Consumer IoT April 6, 2021
    When it comes to cybersecurity, industrial IT—consisting mainly of operational technology (OT) and industrial control systems (ICS)—has failed to keep up with development in the enterprise IT world. That’s mostly because industries’ adoption of internet technology has been slower when compared with enterprises. It would take some time to close the gap, but concerted efforts […]
  • Federal agencies given five days to find hacked Exchange servers April 1, 2021
    CISA, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results. CISA is ordering agencies with on-premises Microsoft Exchange servers to urgently conduct the […]
  • Report: USB threats to ICS systems have nearly doubled April 1, 2021
    The latest Honeywell USB Threat Report 2020 indicates that the number of threats specifically targeting Operational Technology systems has nearly doubled from 16% to 28%, while the number of threats capable of disrupting those systems rose from 26% to 59% over the same period. Let’s face it. Critical infrastructure operators in manufacturing, aerospace, energy, shipping, […]
  • Integrity – It’s a Matter of Trust April 1, 2021
    When you think of the cybersecurity “CIA” triad of Confidentiality, Integrity, and Availability, which one of those is most important to your organization?  From a privacy standpoint, confidentiality reigns supreme. Confidentiality is so important that it is codified into many of the cyber regulations of recent years, most notably the California Consumer Privacy Act (CCPA), as […]
  • Role of Encryption in GDPR Compliance March 31, 2021
    Encryption has been a hot topic of discussion during the implementation phase of most data privacy laws. In the age where organizations are dealing with large volumes of data each day, the protection of this sensitive data is critical. The data, which is seen as a business-critical asset for organizations, should be protected against malicious […]

RSS Mobile Device Threats

  • Security Standards For 5G March 24, 2020
    Gartner predicts that the 5G enterprise IoT endpoint installed base will more than triple between 2020 and 2021, from 3.5 million units in 2020 to 11.4 million units in 2021. By 2023, the enterprise 5...
  • RSAC2020: IoT Is Officially Part Of Enterprise Mobility March 6, 2020
    Risk that comes from mobile and IoT devices must be factored into the enterprise security program. Security leaders need to be looking at those risks holistically and strategically, rather than operat...
  • Email Phishing Overshadows Risk Of Mobile Malware January 2, 2020
    Like the mobile device’s counterpart, workstations and laptops, many loaded malware campaigns begin with phishing attempts. Cyber Security Hub developed a market report to explore the perceptions, cha...
  • Incident Of The Week: FaceApp Now Viral For Security Risks July 19, 2019
    FaceApp has become popular for its ability to take a photo of anyone’s face and age it, or transform its features. Developed by a Russian-based company, it has gone viral because many are questioning...
  • BYOD Rules And The Future Of Medical Data Security April 24, 2019
    Healthcare organizations have always been extremely attractive targets to cyber criminals, so the increasing use of personal or third party mobile devices highlights a need for the implementation of m...
  • Incident Of The Week: Group FaceTime Glitch Exposes Privacy Breach February 1, 2019
    According to The New York Times, on Jan. 19, a 14-year-old from Arizona discovered a glitch using FaceTime, Apple’s video chatting software — he could eavesdrop on his friend’s phone before his friend...
  • 5 Reasons To Use Biometrics To Secure Mobile Devices January 24, 2019
    It is no secret that mobile devices are under attack. From phishing scams to a host of other issues, mobile devices are increasingly seen as a vulnerability in the enterprise, and as an easy target fo...
  • 7 Mobile Security Bloggers To Follow January 15, 2019
    With new enterprise mobile device security threats and vulnerabilities being discovered on a frequent basis, it helps to read analysis from numerous industry leaders.
  • 11 Ways To Boost Your Mobile Device Security Now January 11, 2019
    Since mobile devices can represent an enormous security risk, enterprises need to be aware of every solution. Here are 11 initiatives from IQPC's Enterprise Mobility Exchange, to enhance mobile device...
  • Palo Alto Networks CSO Talks Risk Metrics, Algorithms & Automation October 30, 2018
    On the May 14 episode of “Task Force 7 Radio,” host George Rettas sat down with Palo Alto Networks CSO, Rick Howard, to outline risk management, the security kill-chain and much more.

RSS Security Strategy

  • How CISOs and CDOs Can [and Should] Partner to Strengthen Data Governance April 7, 2021
    Why CDOs and CISOs are a match made in data protection heaven. How data governance fuels data security.
  • Patchwork of Privilege June 26, 2020
    Product marketing manager from Thycotic, Erin Duncan, discusses privilege in this Digital Summit session. Erin sets the stage with this: “We know that cyber attackers are utilizing new technology and...
  • Identity Access, Endpoint Security & User Productivity June 25, 2020
    No matter where you currently are on the “return” continuum, some form of accentuated remote work, it seems- it’s here to stay. The days of 30%ish of your workforce remotely accessing your systems som...
  • Reducing Threat Impact With CIS Controls June 3, 2020
    Lane Roush, vice-president of Presales Systems Engineering at Arctic Wolf Networks, discusses CIS roles, controls, and tools in this digital summit session.
  • Detecting And Responding At The Speed Of Business May 28, 2020
    Tim Condello, the global technology leader for Siemplify, details how to detect and respond to threats at the speed of business in this fun, informative 2020 Cyber Security Summit session.
  • Best Practices For Thriving In An Ambiguous World May 28, 2020
    Christine Vanderpool is the VP of IT security and the chief information security officer for Florida Crystals Corporation and ASR Group. When she started, there was no defined cyber security strategy...
  • Implementing A Layered Approach To Phishing And Whaling May 27, 2020
    During this digital summit panel, Suresh Chawdhary, head of security & privacy for Nokia, stresses the importance of a layered, multi-pronged cyber security approach to best protect from phishing and...
  • What Is The Current State Of Cyber Security May 27, 2020
    Michael Oberlaender joins host George Rettas on this episode of Task Force 7. Michael is a globally recognized thought leader, author, publisher, and speaker. With three decades of IT experience, Mic...
  • Enable Secure Velocity At Scale: DevOps Automation With Identity May 14, 2020
    Ivan Dwyer, group product marketing manager with Okta, begins this virtual session by acknowledging the challenges of security professionals as an increasing number of organizations adopt cloud and De...
  • Protecting People from the #1 Threat Vector May 4, 2020
    The FBI reported losses attributed to business email compromise (BEC) and Email Account Compromise (EAC) totalling over $26B between July 2016 and July 2019. While the scale of losses is staggering, h...

RSS Application and Cybersecurity Blog

  • 3rd Party IT Risk – Managing the Habitual Headaches February 16, 2021
    While planning for our upcoming Ed TALK on the SolariGate attack with Microsoft and Equifax, I remembered a conversation from an earlier Ed TALK on managing Software Risk. 3rd party “stuff” is a staple in the modern enterprise due to our insatiable appetite for sophisticated and on-demand features. My three guests had slightly different […]
  • Computer-Based Training: January 2021 Release in Review January 22, 2021
    To remain current with technology and threat trends, we update our training every quarter.  While we enjoy showing off our new content, it’s just as  important for our customers to understand why we separate and conjoin and how learners consume certain topics.  Customer feedback, internal SME reviews, and research on industry and technology trends also […]
  • Extending Security Knowledge to the Cloud January 21, 2021
    Cloud Clash 2020 Wrap-Up
  • Through the Eyes of a Cybersecurity CEO: Trends For 2021 January 14, 2021
    Advice for Executives to Watch Next Year 2020 completely changed the way workforces operate. Digital transformation went from an emerging trend to a necessity for survival. Certain industries were brought to their knees: some didn’t make it, while others thrived. One of those industries that thrived was cyber crime. As millions scrambled and were […]
  • Ed Talks: A 2020 Retrospective December 17, 2020
    Last August, we kicked off a monthly talk show series called Ed TALKS (edtalks.io). Each month I bring cybersecurity leaders together to debate various topics. We took December off to recover from the end-of-year madness ☺ but we'll be back at it again in January 2021. 

RSS Cyber Security

  • Cybersecurity Volunteer Opportunities April 9, 2021
    Does anyone have any suggestion for places to volunteer that would gain me some cybersecurity experience? I'm an entry level person, so, I'm primarily looking to gain experience. Please let me know if there are any suggestions for gaining experience that an employer would find valuable. Thank you! submitted by /u/Round-Campaign-1692
  • How exactly do digital intelligence companies like Cellebrite and AccessData break into locked iPhones? April 9, 2021
    Do they physically change components/hardware of phones? Or do they run some kind of program that can “break” into phones? submitted by /u/Status-Recognition-2
  • Cybersecurity Roles: Deadline-based vs. Respond as Problems Arise April 4, 2021
    Which cybersecurity job roles are more deadline-based? (I’m thinking Security Software Eng, since it fits into SDLC, which is deadline-based. What else?) Which roles are more “respond as problems arise?” (I’m guessing defenders/analysts fall into this category?) submitted by /u/Dudeguybrochingo
  • Reliable sources of information on cyberattacks March 31, 2021
    Hi everyone! I'm Italian so my English isn't that good (and so on). I'm into political science at the university and for a research I was looking for authoritative and reliable sources of information about cyberattacks and cybersecurity. At the moment the only thing that comes close to what I'm searching is the Center of […]
  • Malicious commits made to the PHP source repo. The malicious code was spotted quickly, but this was a brazen attempt at a supply chain hack. March 30, 2021
    submitted by /u/NeoPaper
  • New here March 27, 2021
    So hey everybody, new to CyberSec and all things Red and Blue. Any pointers, tips or resources to get started? I'm kind of strong in networking and starting off with Sec+ studying as well. My motto is: “In this game, your defense is only as good as your offense. You can’t stop what you […]
  • Working in Consultancy Firms March 26, 2021
    I’m a student looking to get into cybersecurity in the future. Most cybersecurity job postings I see in my area are consultancy firms. To those who have experience working in consultancy firms: * What was/ is your role? * What is a day-to-day schedule like? Is work-life-balance good? * What are the pros and cons […]
  • This was submitted via a WordPress contact form and is one of several spam attempts that I think is aimed to disrupt my website. Does anyone know what this code is meant to do? March 26, 2021
    submitted by /u/tomjarvis
  • got a scary email, really need advice March 24, 2021
    I'm not sure this is the right place to post this, but I'm kind of panicking. Got this email yesterday apparently, and I want to know what level of fear I should have. The part that really scarily adds up is the password, which I do use, or more accurately, DID. Changed it immediately upon seeing this email […]
  • Login Attempts March 24, 2021
    Unauthorized login attempts. When reviewing my account history, I noticed there were several unsuccessful attempts (from different countries) trying to log into my Hotmail/Outlook account. Any experts out there know if this is normal for most users? Advice? Tips? submitted by /u/56Researcher65

RSS Krebs on Security

  • Are You One of the 533M People Who Got Facebooked? April 6, 2021
    Ne'er-do-wells leaked personal data -- including phone numbers -- for some 553 million Facebook users this week. Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your […]
  • Ransom Gangs Emailing Victim Customers for Leverage April 5, 2021
    Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim's customers and partners directly, warning that their data will be leaked to the dark web unless they can convince the victim firm to pay up.
  • Ubiquiti All But Confirms Breach Response Iniquity April 4, 2021
    For four days this past week, Internet-of-Things giant Ubiquiti failed to respond to requests for comment on a whistleblower's allegations that the company had massively downplayed a "catastrophic" two-month breach ending in January to save its stock price, and that Ubiquiti's insinuation that a third-party was to blame was a fabrication. I was happy to […]
  • New KrebsOnSecurity Mobile-Friendly Site April 1, 2021
    Dear Readers, this has been long overdue, but at last I give you a more responsive, mobile-friendly version of KrebsOnSecurity. We tried to keep the visual changes to a minimum and focus on a simple theme that presents information in a straightforward, easy-to-read format. Please bear with us over the next few days as we […]
  • Whistleblower: Ubiquiti Breach “Catastrophic” March 30, 2021
    On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the incident response to that breach alleges Ubiquiti […]
  • No, I Did Not Hack Your MS Exchange Server March 28, 2021
    New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let's just get this out of the way right now: It wasn't me.
  • Phish Leads to Breach at Calif. State Controller March 23, 2021
    A phishing attack last week gave attackers access to email and files at the California State Controller's Office (SCO), an agency responsible for handling more than $100 billion in public funds each year. The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security […]
  • RedTorch Formed from Ashes of Norse Corp. March 22, 2021
    Remember Norse Corp., the company behind the interactive "pew-pew" cyber attack map shown in the image below? Norse imploded rather suddenly in 2016 following a series of managerial missteps and funding debacles. Now, the founders of Norse have launched a new company with a somewhat different vision: RedTorch, which for the past two years has […]
  • Fintech Giant Fiserv Used Unclaimed Domain March 17, 2021
    If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here's the story of one such goof committed by Fiserv [NASDAQ:FISV], a $6 […]
  • Can We Stop Pretending SMS Is Secure Now? March 16, 2021
    SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we're learning about an entire ecosystem of companies […]

RSS WeLiveSecurity

  • Week in security with Tony Anscombe April 9, 2021
    Janeleiro banking trojan takes aim at Brazil – Lazarus deploys Vyveva backdoor in South Africa – The long shelf life of leaked data
    Editor
  • Data from 500 million LinkedIn accounts put up for sale April 9, 2021
    The treasure trove of data reportedly includes users’ LinkedIn IDs, full names, email addresses, phone numbers and workplace information
    Amer Owaida
  • Does data stolen in a data breach expire? April 8, 2021
    Some personal information just doesn’t age – here’s what the Facebook data leak may mean for you
    Tony Anscombe
  • (Are you) afreight of the dark? Watch out for Vyveva, new Lazarus backdoor April 8, 2021
    ESET researchers discover a new Lazarus backdoor deployed against a freight logistics firm in South Africa
    Filip Jurčacko
  • $38 million worth of gift cards stolen and sold on dark web April 7, 2021
    Easy to redeem and hard to trace, gift cards remain a hot commodity in the criminal underground
    Amer Owaida
  • Supply‑chain attacks: When trust goes wrong, try hope? April 7, 2021
    How can organizations tackle the growing menace of attacks that shake trust in software?
    Cameron Camp
  • Janeleiro, the time traveler: A new old banking trojan in Brazil April 6, 2021
    ESET Research uncovers a new threat that targets organizations operating in various sectors in Brazil
    Facundo Muñoz
  • Week in security with Tony Anscombe April 2, 2021
    PHP source code briefly backdoored – Prevent data loss before it's too late – The perils of owning a smart dishwasher
    Editor
  • Is your dishwasher trying to kill you? April 1, 2021
    Does every device in your home really need to be connected to the internet? And could your smart appliance be turned against you?
    Jake Moore
  • Are you prepared to prevent data loss? March 31, 2021
    From losing cherished memories to missing deadlines, the impact of not having backups when a data disaster strikes can hardly be overstated
    Amer Owaida