Google Chrome continues to be the world’s number one browser, and according to third-party stats, it’s running on over 70 percent of the desktop computers out there. In other words, more than 7 in 10 users installed Google Chrome on their PCs, despite the operating system actually coming with a different show more ...
Trying times have a way of peeling back the curtains and seeing our world with new eyes. We The post Episode 198: Must Hear Interviews from 2020 appeared first on The Security Ledger. Related StoriesEpisode 195: Cyber Monday Super Deals Carry Cyber RiskDHS Looking Into Cyber Risk from TCL Smart TVsPodcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt
In an update posted late last night, CISA said that all US government agencies that still run SolarWinds Orion platforms must update to the latest 2020.2.1HF2 version by the end of the year.
The files DataBreaches.net saw contain a lot of operational files and documents, including human resources files involving named personnel who were tested for COVID-19 and their test results.
Security consulting firm Cerberus Cyber Sentinel Corporation has acquired penetration testing company Alpine Security, to beef up their penetration testing and regulatory compliance offerings.
The attack uses three files: a dropper script (bash or PowerShell), a Golang binary worm, and an XMRig Miner—all of which are hosted on the same command and control server.
While in 2020 organizations were focused on adapting existing technology to borderless and disconnected environments, we will see a massive shift to cloud-native solutions in 2021.
According to security experts, about one in 20 web servers could be vulnerable to cross-layer and DNS poisoning attacks due to a flaw in the Linux kernel. The flaw also affects millions of Android devices.
The European Medicines Agency (EMA) was recently targeted in a cyberattack, in which documents associated with vaccine development had been accessed.
The Virginia senator, Mark Warner, said gaps in U.S, and international law are making it difficult for the government to prevent large-scale hacks and called for tighter controls to be enacted.
The internal networks of Lithuania's National Center for Public Health (NVSC) and several municipalities have been infected with Emotet following a large campaign targeting the country's institutions.
T-Mobile states that the breach did not expose account holders' names, physical addresses, email addresses, financial data, credit card details, social security numbers, tax IDs, passwords, or PINs.
FireEye has named the threat actor “UNC2452,” and Volexity dubbed the threat actor “Dark Halo,” stating that the actor is the same as UNC2452, though FireEye has not substantiated that claim.
The unprecedented cyber attack on U.S. government agencies reported this month may have started earlier than last spring as previously believed, a U.S. senator involved in cybersecurity said.
Sberbank, a major money lender in the Russian Federation, has released a report that claims that the loss incurred by Russian companies because of cyberattacks in 2020 was about $49 billion.
This breach occurred when GetSchooled, a charity founded by the Bill & Melinda Gates Foundation in collaboration with Viacom, left a database open to anyone with a browser and internet connection.
The archive was leaked on November 27-28. It appears to have been posted on the hacker forum after Door Controls USA seemingly refused to pay ransom to attackers who breached the company’s network.
With the Flash Player officially reaching the end of life tomorrow, Adobe has started to display alerts on Windows computers recommending that users uninstall Flash Player.
The City of Cornelia’s data system is offline following a ransomware attack the day after Christmas. City Manager Donald Anderson confirmed the attack in a press release to local media on Tuesday.
The Zoom Meeting Connector suffers from a post-authentication remote root code execution vulnerability via the proxy server functionality. Zoom has patched this issue around 12/29/2020 and every user should update to the latest client to ensure they are not vulnerable.
Openpilot has a default SSH key that can allow attackers remote access if not changed. This script port scans and attempts to login to Openpilot SSH servers with the default key.
qdPM versions 9.1 and below suffer from an executeExport PHP object injection vulnerability.
114 bytes small Linux/x86 reverse TCP shellcode.
