A data breach forced this family to move home and change their names (ZDNet)
No More Ransom project has prevented ransomware profits of at lest $108 million (ZDNet)
Ransomware crooks hit Synology NAS devices with brute-force password attacks (ZDNet)
Malicious 'Google' domains used in Magento card card skimmer attacks (ZDNet)
Cyberlaw wonks squint at NotPetya insurance smackdown: Should 'war exclusion' clauses apply to network hacks? (The Register)
How to prevent unsigned Docker images from being pulled (TechRepublic)
Vulnerabilities Found in Mitsubishi Inverter Engineering Software (SecurityWeek)
Cannabis authentication system roots out counterfeit weed (ZDNet)
Live Webinar Close the Gap on Insider Threat: Granular Access Controls Behavior Analytics (InfoRiskToday)
Sanctions-hit Russian developers fingered for crafting 'Monokle' Android snoopware (The Register)
Johannesburg Utility Recovering After Ransomware Attack (InfoRiskToday)
Health IT Groups Push for OK of National Patient ID Measure (InfoRiskToday)
Researchers Discover Android Surveillance Malware Built by Sanctioned Russian Firm (SecurityWeek)
Telegram voicemail hack used against Brazil's president, ministers (ZDNet)
66% of SMBs don't believe they are vulnerable to cyberattacks (TechRepublic)
MyDoom: The 15-year-old malware that's still being used in phishing attacks in 2019 (ZDNet)
GitHub starts blocking developers in countries facing US trade sanctions (ZDNet)
Louisiana Declares Emergency After Malware Attacks (InfoRiskToday)
Mirai-Based Botnet Launches Massive DDoS Attack on Streaming Service (SecurityWeek)
ADT techie admits he peeked into women's home security cams thousands of times to watch them undress, have sex (23 January 2021)
Scottish enviro bods shrug off ransomware gang's extortion attempt as 4,000 files dumped online, saying it's nothing big (22 January 2021)
Clop ransomware gang clips sensitive files from Atlantic Records' London ad agency The7stars, dumps them online (22 January 2021)
Microsoft Edge goes homomorphic: Nobody will see your credentials... but you'll need to sign in to use it (22 January 2021)
It's 2021 and you can hijack a Cisco SD-WAN deployment with malicious IP traffic and a buffer overflow. Patch now (22 January 2021)
Laptops given to British schools came preloaded with remote-access worm (21 January 2021)
Microsoft SolarWinds analysis: Attackers hid inside Windows systems by wearing the skins of legit processes (21 January 2021)
Wherever your apps, users and data are heading, is your backup keeping up? (20 January 2021)
Malwarebytes says its Office 365, Azure tenancies invaded by SolarWinds hackers, insists its tools are still safe to use (20 January 2021)
Slack has entered the Matrix: Element builds a bridge to realm of encrypted, decentralised comms (20 January 2021)
Open banking is the future, so let’s secure the APIs (20 January 2021)
Dnsmasq, used in only a million or more internet-facing devices globally, patches not-so-secret seven spoofing, hijacking flaws (20 January 2021)
FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion (19 January 2021)
Labour Party urges UK data watchdog to update its Code of Employment Practices to tackle workplace snooping (19 January 2021)
AnyVan confirms digital break-in, says customer names, emails and hashed passwords exposed (19 January 2021)
Scottish Environment Protection Agency refuses to pay ransomware crooks over 1.2GB of stolen data (18 January 2021)
Bye bye, said Trump admin to Huawei: You give a cheque-ie to our techies, but there's no licence to ply (18 January 2021)
Hallowed Bugtraq infosec list killed then resurrected over the weekend: We heard your feedback, says Accenture (18 January 2021)
Signal boost: Secure chat app is wobbly at the moment. Not surprising after gaining 30m+ users in a week, though (15 January 2021)
Coming in at number 5, it's a blast from the past! Tenable's 2020 security flaw chart show features hits of yesteryear (14 January 2021)
Microsoft Edge, Google Chrome Roll Out Password Protection Tools (22 Jan 2021)
Amazon Kindle RCE Attack Starts with an Email (22 Jan 2021)
ADT Tech Hacks Home-Security Cameras to Spy on Women (22 Jan 2021)
Discord-Stealing Malware Invades npm Packages (22 Jan 2021)
Ransomware Attackers Publish 4K Private Scottish Gov Agency Files (22 Jan 2021)
Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks (22 Jan 2021)
Einstein Healthcare Network Announces August Breach (21 Jan 2021)
SQL Server Malware Tied to Iranian Software Firm, Researchers Allege (21 Jan 2021)
Google Forms Set Baseline For Widespread BEC Attacks (21 Jan 2021)
Google Searches Expose Stolen Corporate Credentials (21 Jan 2021)
Rogue CCTV technician spied on hundreds of customers during intimate moments
SonicWall says it was hacked using zero-days in its own products
FSB warns of US cyberattacks after Biden administration comments
As Bitcoin price surges, DDoS extortion gangs return in force
New website launched to document vulnerabilities in malware strains
Cisco warns on critical security vulnerabilities in SD-WAN software, so update now
Eight Cisco and CompTIA courses that will prep you for a career in cybersecurity
Hackers publish thousands of files after government agency refuses to pay ransom
SEC calls out dubious cryptocurrency traders, miners soliciting customers worldwide
Windows RDP servers are being abused to amplify DDoS attacks
Microsoft is rolling out password monitor, tab sync, sleeping tabs and other new Edge features
QNAP warns users of a new crypto-miner named Dovecat infecting their devices
Singapore widens security labelling to include all consumer IoT devices
Hacker leaks data of millions of Teespring users
Microsoft: This is how the sneaky SolarWinds hackers hid their onward attacks for so long
MrbMiner crypto-mining operation linked to Iranian software firm
Ransomware is now the biggest cybersecurity concern for CISOs
Automated exploit of critical SAP SolMan vulnerability detected in the wild
This phishing scam left thousands of stolen passwords exposed through Google search
NSA urges system administrators to replace obsolete TLS protocols
Powered by IP2Location.com