Microsoft Releases New Info on SolarWinds Attack Chain
Threat actors went to elaborate lengths to maintain operational security around second-stage payload activation, company says.
Read MoreExploring the depths of cybercrime and espionage
Deep Dark Depths
Exploring the depths of cybercrime and espionage
Critical Cisco SD-WAN Bugs Allow RCE Attacks
Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite.
Read More
Microsoft shares how SolarWinds hackers evaded detection
Microsoft today shared details on how the SolarWinds hackers were able to remain undetected by hiding their malicious activity inside the networks of breached companies.
Read More
NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs
The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory.
Read More
VLC Media Player 3.0.12 fixes multiple remote code execution flaws
VideoLan released VLC Media Player 3.0.12 for Windows, Mac, and Linux last week with numerous improvements, features, and security fixes.
Read More
Trump Pardons Google Trade Secret Thief
A former executive of Google subsidiary Waymo, imprisoned in the United States for stealing a trade secret and sharing it with rival company Uber, has been pardoned by outgoing president Donald Trump.
Read MoreMalwarebytes Hit by SolarWinds Attackers
The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365.
Read MoreHacker leaks full database of 77 million Nitro PDF user records
A stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free. […]
Read More
Malwarebytes: SolarWinds Hackers Read Our Emails
Malwarebytes has confirmed that the SolarWinds attackers managed to access internal emails, although via a different intrusion vector to many victims.
Read MoreHacker posts 1.9 million Pixlr user records for free on forum
A hacker has leaked 1.9 million Pixlr user records containing information that could be used to perform targeted phishing and credential stuffing attacks.
Read More
Coin-Mining Malware Volumes Soar 53% in Q4 2020
Detections of crypto-mining malware surged by 53% quarter-on-quarter in the final three months of 2020 as the value of Bitcoin soared, according to Avira.
Read More
Microsoft Defender to enable full auto-remediation by default
Microsoft will enable fully automated threat remediation by default for Microsoft Defender for Endpoint customers who have opted into public previews starting next month, on February 16, 2021.
Read More
IObit forums hacked to spread ransomware to its members
Windows utility developer IObit was hacked over the weekend to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members.
Read More
OpenWRT Forum user data stolen in weekend data breach
The OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach.
Read More
MoD Experiences 18% Growth in Personal Data Loss Incidents
The UK’s Ministry of Defense (MoD) experienced an 18% rise in personal data loss incidents in the financial year 2019/20, according to official figures analyzed by the Parliament Street Think Tank.
Read More