Security News

Find latest security news in the field of PC, Computer, Network Security.

• MrbMiner crypto-mining operation linked to Iranian software firm
  Despite the Sophos report ousting the MrbMiner group today, the botnet is expected to continue to operate with impunity.
  
• Ransomware is now the biggest cybersecurity concern for CISOs
  Phishing, account compromise and business email compromise attacks are all worries for organisations - but it's fear of ransomware attacks that is causing the biggest concern.
  
• Automated exploit of critical SAP SolMan vulnerability detected in the wild
  Proof-of-concept exploit code was published last week.
  
• This phishing scam left thousands of stolen passwords exposed through Google search
  A mistake on the part of the cyberattackers led to their discovery -- and that of the data they pillaged.
  
• NSA urges system administrators to replace obsolete TLS protocols
  NSA: Obsolete encryption provides a false sense of security.
  
• Microsoft: How 'zero trust' can protect against sophisticated hacking attacks
  Microsoft's director of identity security is urging customers to do some security house cleaning: deploy multi-factor authentication and tighten up permissions on user and vendor accounts.
  
• Best antivirus software in 2021
  Malware is rife, and protection isn't just a good idea, it's a must. Here is a roundup of the best software and apps for Windows and Mac computers, as well as iOS and Android devices, to keep you and your data safe from malware and viruses.
  
• Ransomware victims that have backups are paying ransoms to stop hackers leaking their stolen data
  Ransomware attacks are proving more lucrative for cyber criminals as even organisations that can restore from backups are paying ransom demands to prevent further damage.
  
• Better than the best password: How to use 2FA to improve your security
  Want to avoid having your online accounts hacked? Enable two-factor authentication, a crucial security measure that requires an extra step when signing in to high-value services. In this post, I explain how to set up 2FA and which accounts to focus on first.
  
• Cyberattack fears raise the alarm in Eastern European countries
  Developing Eastern European countries fear the worst after witnessing attacks elsewhere.
  
• Google Searches Expose Stolen Corporate Credentials
  A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments.
  
• Critical Cisco SD-WAN Bugs Allow RCE Attacks
  Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite.
  
• NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs
  The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory.
  
• Malwarebytes Hit by SolarWinds Attackers
  The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365.
  
• Investment Scammers Prey on Dating App Users, Interpol Warns
  Users of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers.
  
• Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms
  Mystery of spying using popular chat apps uncovered by Google Project Zero researcher.
  
• DNSpooq Flaws Allow DNS Hijacking of Millions of Devices
  Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.
  
• Rob Joyce to Take Over as NSA Cybersecurity Director
  Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration.
  
• SolarWinds Malware Arsenal Widens with Raindrop
  The post-compromise backdoor installs Cobalt Strike to help attackers more laterally through victim networks.
  
• Linux Devices Under Attack by New FreakOut Malware
  The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks.