SecurityWeek

Chipmaker Intel Corp. Blames Internal Error on Data Leak

Security Week - Sat, 01/23/2021 - 3:23pm

The computer chipmaker Intel Corp. on Friday blamed an internal error for a data leak that prompted it to release a quarterly earnings report early. It said its corporate network was not compromised.

read more

Categories: SecurityWeek

SonicWall Says Internal Systems Targeted by Hackers Exploiting Zero-Day Flaws

Security Week - Sat, 01/23/2021 - 7:07am

Cybersecurity firm SonicWall said late on Friday that some of its internal systems were targeted by “highly sophisticated threat actors” exploiting what appear to be zero-day vulnerabilities affecting some of the company’s products.

read more

Categories: SecurityWeek

Microsoft Edge Adds Password Generator, Drops Support for Flash, FTP

Security Week - Fri, 01/22/2021 - 12:53pm

Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials.   The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.

read more

Categories: SecurityWeek

Biden Orders Intel Agencies to Provide Full Assessment of SolarWinds Hack

Security Week - Fri, 01/22/2021 - 11:03am

Just says into his leadership role, U.S. President Joe Biden has instructed U.S. intelligence agencies to provide him with a detailed assessment of the SolarWinds hack, which fueled a global cyber espionage campaign impacting many high-profile government agencies and businesses.

read more

Categories: SecurityWeek

Intel's Early Earnings Release Triggered by Hack

Security Week - Fri, 01/22/2021 - 11:02am

U.S. chip-making giant Intel Corp. has acknowledged a website hack and premature data disclosure forced the early release of its earnings report for the fourth quarter of 2020.

read more

Categories: SecurityWeek

Sophos: Crypto-Jacking Campaign Linked to Iranian Company

Security Week - Fri, 01/22/2021 - 9:56am

An Iran-based software company is likely behind a recently identified crypto-jacking campaign targeting SQL servers, according to a report by British anti-malware vendor Sophos.

read more

Categories: SecurityWeek

QNAP Warns NAS Users of 'dovecat' Malware Attacks

Security Week - Fri, 01/22/2021 - 8:28am

QNAP this week warned users of attacks targeting QNAP NAS (network-attached storage) devices with a piece of malware named “dovecat.”

read more

Categories: SecurityWeek

Thousands of Unprotected RDP Servers Can Be Abused for DDoS Attacks

Security Week - Fri, 01/22/2021 - 7:03am

Cybercriminals have been abusing unprotected servers running Microsoft’s Remote Desktop Protocol (RDP) service to launch distributed denial-of-service (DDoS) attacks, application and network performance management company NETSCOUT warned this week.

read more

Categories: SecurityWeek

Enterprise Credentials Publicly Exposed by Cybercriminals

Security Week - Thu, 01/21/2021 - 12:45pm

Cybercriminals behind a successful phishing campaign have exposed more than 1,000 corporate employee credentials on the Internet, according to a warning from security vendor Check Point.

read more

Categories: SecurityWeek

Drupal Updates Patch Another Vulnerability Related to Archive Files

Security Week - Thu, 01/21/2021 - 11:13am

Security updates released this week by the developers of the Drupal content management system (CMS) patch a vulnerability identified in a third-party library.

read more

Categories: SecurityWeek

Multi-Cloud Network Security Provider Valtix Raises $12.5 Million

Security Week - Thu, 01/21/2021 - 10:39am

Multi-cloud network security platform provider Valtix on Thursday announced that it raised $12.5 million in strategic funding.

read more

Categories: SecurityWeek

Microsoft Details OPSEC, Anti-Forensic Techniques Used by SolarWinds Hackers

Security Week - Thu, 01/21/2021 - 10:25am

Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security (OPSEC).

read more

Categories: SecurityWeek

Cisco Patches Critical Vulnerabilities in SD-WAN, DNA Center, SSMS Products

Security Week - Thu, 01/21/2021 - 9:05am

Cisco this week released patches to address a significant number of vulnerabilities across its product portfolio, including several critical flaws in SD-WAN products, DNA Center, and Smart Software Manager Satellite (SSMS).

read more

Categories: SecurityWeek

Amazon Awards $18,000 for Exploit Allowing Kindle E-Reader Takeover

Security Week - Thu, 01/21/2021 - 7:26am

Amazon has awarded an $18,000 bug bounty for an exploit chain that could have allowed an attacker to take complete control of a Kindle e-reader simply by knowing the targeted user’s email address.

read more

Categories: SecurityWeek

Scanning Activity Detected After Release of Exploit for Critical SAP SolMan Flaw

Security Week - Wed, 01/20/2021 - 11:52pm

A Russian researcher has made public on GitHub a functional exploit targeting a critical vulnerability that SAP patched in its Solution Manager product in March 2020.

read more

Categories: SecurityWeek

'LuckyBoy' Malvertising Campaign Hits iOS, Android, XBox Users

Security Week - Wed, 01/20/2021 - 12:18pm

A recently identified malvertising campaign targeting mobile and other connected devices users makes heavy use of obfuscation and cloaking to avoid detection.

read more

Categories: SecurityWeek

In a Remote Work Era, a People-First Approach Keeps Threat Intelligence Teams on Track

Security Week - Wed, 01/20/2021 - 11:34am

Far Too Many Organizations Are Still Failing to Develop Intelligence Requirements Based on the Needs of Their Stakeholders

read more

Categories: SecurityWeek

Snort 3 Becomes Generally Available

Security Week - Wed, 01/20/2021 - 11:04am

Snort 3 was officially released on Tuesday and users have been advised to switch to Snort 3 from any previous version of the popular intrusion prevention and intrusion detection system (IPS/IDS).

read more

Categories: SecurityWeek

Oracle's January 2021 CPU Contains 329 New Security Patches

Security Week - Wed, 01/20/2021 - 10:42am

Oracle this week announced the availability of its first cumulative set of security fixes for 2021, which includes a total of 329 new patches.

read more

Categories: SecurityWeek

Ransomware Took Heavy Toll on US in 2020: Researchers

Security Week - Wed, 01/20/2021 - 9:42am

Ransomware attacks took a heavy toll on the United States last year with more than 2,000 victims in government, education and health care, security researchers say in a new report.

read more

Categories: SecurityWeek

Pages