Our news
-
DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report
The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort.
-
Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails
Emails from legitimate, compromised accounts are being sent to numerous enterprise employees with the aim of stealing their O365 credentials.
-
New Windows Trojan Steals Browser Credentials, Outlook Files
The newly discovered Python-based malware family targets the Outlook processes, and browser credentials, of Microsoft Windows victims.
-
Active Exploitation of SolarWinds Software
Original release date: December 13, 2020 The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of a vulnerability in SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, which was released between March 2020 through June 2020. CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for…
-
Security Issues in PoS Terminals Open Consumers to Fraud
Point-of-sale terminal vendors Verifone and Ingenico have issued mitigations after researchers found the devices use default passwords.
-
PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers
The malware takes aim at PostgreSQL database servers with never-before-seen techniques.
-
Feds: K-12 Cyberattacks Dramatically on the Rise
Attackers are targeting students and faculty alike with malware, phishing, DDoS, Zoom bombs and more, the FBI and CISA said.
-
Cisco Releases Security Updates for Jabber Desktop and Mobile Client Software
Original release date: December 11, 2020 Cisco has released security updates to address vulnerabilities in Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review…
-
Defending the Intelligent Edge from Evolving Attacks
Fortinet’s Aamir Lakhani discusses best practices for securing company data against next-gen threats, like edge access trojans (EATs).
-
Adobe Releases Security Updates for Acrobat and Reader
Original release date: December 10, 2020 Adobe has released security updates to address a vulnerability in Acrobat and Reader. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB20-75 and apply the necessary updates. This product is provided subject…