TrickBot’s New Tactic Threatens Firmware
A newly discovered module checks machines for flaws in the UEFI/BIOS firmware so malware can evade detection and persist on a device.TrickBot malware has a new, and dangerous, trick:...
FBI: BEC Scammers Could Abuse Email Auto-Forwarding
Private Industry Notification warns of the role email auto-forwarding could be used in business email compromise attacks.The FBI's Cyber Division has issued a Private Industry Notification (PIN) warning companies...
Cybersecurity in the Biden Administration: Experts Weigh In
Security pros and former government employees share their expectations and concerns for the new administration - and their hope for a "return to normal."President-elect Joe Biden's transition team has...
Malicious or Vulnerable Docker Images Widespread, Firm Says
A dynamic analysis of the publicly available images on Docker Hub found that 51% had critical vulnerabilities and about 6,500 of the 4 million latest images could be considered...
Inside North Korea’s Rapid Evolution to Cyber Superpower
Researchers examine North Korea's rapid evolution from destructive campaigns to complex and efficient cyber operations.It took only a few years for North Korea to advance its cyber capabilities from...
German users targeted with Gootkit banker or REvil ransomware
After a noted absence, the Gootkit banking Trojan returns en masse to hit Germany. In an interesting twist, some of the victims may receive ransomware instead.
This blog post...
Industrial Computer Maker Confirms Ransomware, Data Theft
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2020-29440PUBLISHED: 2020-11-30
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body...
Baltimore County Public Schools Closed Due to Ransomware Attack
The incident struck the day before Thanksgiving and interfered with online classes for some 115,000 students, officials report.Schools in the Baltimore County Public Schools (BCPS) system are closed Nov....
Look Beyond the ‘Big 5’ in Cyberattacks
Don't ignore cyber operations outside US and European interests, researcher says. We can learn a lot from methods used by attackers that aren't among the usual suspects. Western cybersecurity...
Do You Know Who’s Lurking in Your Cloud Environment?
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform.Most organizations don't have full visibility...
