Security researchers have found a new set of vulnerabilities that impact hundreds of millions of servers, smart devices, and industrial equipment. Called NAME:WRECK, the vulnerabilities have been discovered by enterprise IoT security firm Forescout as part of its internal research program named Project Memoria — which the company describes as “an initiative that aims at providing the cybersecurity community with the largest study on the security of TCP/IP stacks.”
An Indian security researcher has published details today about a zero-day vulnerability impacting Google Chrome, Microsoft Edge, and other Chromium-based browsers like Opera and Brave.
‘They knew I was running late to meetings’: Former DHS chief on reports that SolarWinds hackers targeted his emails
Former Acting Secretary for the Department of Homeland Security Chad Wolf on Monday recounted the intense first days of the SolarWinds crisis, and remarked on recent reports that the suspected Russian hackers behind the attack had gained access to his email account. “My first question was: were these unclassified email accounts? The answer was yes,” Wolf said at a virtual talk hosted by the Heritage Foundation. “It’s still concerning, but it would have been even more of a concern if they had access to the lines that DHS does its most sensitive work on.”
The Biden administration on Monday said it has picked two National Security Agency veterans to serve in top cybersecurity leadership roles. Chris Inglis will be nominated to serve as the country’s first National Cyber Director, and Jen Easterly will be tapped to run the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA. Both positions require Senate confirmation, which could take several months…
Microsoft said today it spotted a cybercrime operation abusing contact forms on legitimate websites to target companies and their workers in attempts to infect them with the IcedID malware.
The official client for APKPure, the second-largest Android app store after the Google Play Store, was compromised with malware this week, three security firms said on Friday.
The FBI has arrested on Thursday a Texas man who planned to blow up one of the Amazon Web Services (AWS) data centers in an attempt to “kill of about 70% of the internet.”
The group behind the Maze and Egregor ransomware operations are believed to have earned at least $75 million worth of Bitcoin from ransom payments following intrusions at companies all over the world.
A security firm said this week it found malware on Huawei’s official Android app store, the AppGallery. Russian antivirus maker Dr.Web said it found ten apps from three developers that were infected with Joker, a type of Android malware that subscribes users to premium phone services in a tactic known as WAP fraud.