Logo Cyber News
Logo Dorin M Wolf
 
- NSA and CISA release Final Part IV of Guidance on securing 5G cloud infrastructures. (to the original material)
 
- Improving OSS-Fuzz and Jazzer to catch Log4Shell. (to the original material)
 
Cybersecurity news of the week (16.12.2021). (to the original material)
 
Critical vulnerability in Kerberos Privilege Attributes Certificate. (to the original material)
 
Emotet starts dropping Cobalt Strike again for faster attacks. (to the original material)
 
How to implement security into software design from the get-pro. (to the original material)
 
Europe's quantum communication plans: Defending against state-sponsored cyberattacks. (to the original material)
 
When done right, network segmentation brings rewards. (to the original material)
 
Online shopping at risk: Mobile applications and API cyber attacks at critical high. (to the original material)
 
- Security priorities are geared toward ongoing remote and hybrid work. (to the original material)
 
Adoption of private 5G networks accelerates, as organizations look to improve security and speed. (to the original material)
 
Log4j attackers switch to injecting Monero miners via RMI (LDAP callback to RMI). (to the original material)
 
Facebook disrupts the operations of seven surveillance-for-hire firms. (to the original material)
 
McMenamins breweries hit by a Conti ransomware attack. (to the original material)
 
Google Calendar now lets you block invitation phishing attempts. (to the original material)
 
Microsoft: Khonsari ransomware hits self-hosted Minecraft servers. (to the original material)
 
Gumtree classifieds website leaks personal information via the F12 key. (to the original material)
 
Lenovo laptops are vulnerable to bugs allowing administrator privileges. (to the original material)
 
Hive ransomware enters the big league with hundreds breached in four months. (to the original material)
 
Phorpiex botnet returns with new tricks making it harder to disrupt. (to the original material)
 
Firefox users can't reach Microsoft.com – Here's what to do. (to the original material)
 
New Jersey Cancer Care Providers settle data breach claims. (to the original material)
 
US and Australia enter Cloud Act Agreement. (to the original material)
 
France orders Clearview AI (the American facial recognition software firm) to delete data. (to the original material)
 
60% of UK workers have been victims of a cyberattack, yet awareness remains low. (to the original material)
 
Online shoppers could face 8 million credential stuffing attacks per day over Christmas. (to the original material)
 
All changes at the top as new ransomware groups emerge. (to the original material)
 
Regulator: Venues must protect user privacy during Covid-19 checks. (to the original material)
 
Experts: All breach victims should freeze credit. (to the original material)
 
How to find and fix a WordPress Pharma hack. (to the original material)
 
Industrial cybersecurity requires unique skills. A new apprenticeship program aims to hone them. (to the original material)
 
Mayorkas: US and the EU working to "operationalize" the relationship on ransomware. (to the original material)
 
Regional Cancer Care to pay $425,000 to New Jersey over 2019 data breach and HIPPA violations. (to the original material)
 
DHS moves to make bug bounty programs a permanent fixture. (to the original material)
 
Senate Committee passes amended version of cloud security bill. (to the original material)
 
Growing ransomware threat requires greater FSI preparation. (to the original material)
 
Web app attacks rise by 251% in two years. (to the original material)
 
More details on Log4Shell attacks. (to the original material)
 
Anubis banking trojan resurfaces to cripple over 400 financial firms. (to the original material)
 
Mass spyware campaign targets thousands of ICS computers around the world. (to the original material)
 
- Ransomware attackers have "industry standards" too. (to the original material)
 
Firefox fixes password leak via the Windows Cloud Clipboard feature. (to the original material)
 
Suspected Iranian hackers target airlines with a new backdoor. (to the original material)
 
- Victims awarded $18 million in GirlsDoPorn online video case, boss on the run. (to the original material)
 
- SAP squashes SQL injection and XSS bugs in December patch round. (to the original material)
 
Egyptian politician hacked by 2 government hacking groups, researchers say. (to the original material)
 
Signal expands encrypted group video calls to 40 people. (to the original material)
 
Businesses are losing a massive amount of time to vulnerability prioritization.  (to the original material)
 
4 ways IP data can help fight cybercrime. (to the original material)
 
3 ways ZTNA (zero-trust network access) improves the security of remote access. (to the original material)
 
- Trust in Legacy vendors sinks as ransomware spikes. (to the original material)
 
- If you think Facebook is bad for privacy, wait until you see Mark Zuckerberg’s Metaverse. (to the original material)

 

Logo Dorin M Wolf

No thoughts on “News from Cyber Security (16.12.2021)”