Cyber Security News
- DNSpooq Flaws Allow DNS Hijacking of Millions of DevicesSeven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.Lindsey O'Donnell
- Rob Joyce to Take Over as NSA Cybersecurity DirectorJoyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration.Becky Bracken
- SolarWinds Malware Arsenal Widens with RaindropThe post-compromise backdoor installs Cobalt Strike to help attackers more laterally through victim networks.Tara Seals
- Linux Devices Under Attack by New FreakOut MalwareThe FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks.Lindsey O'Donnell
- Attackers Steal E-Mails, Info from OpenWrt ForumUsers of the Linux-based open-source firmware—which include developers from commercial router companies--may be targeted by phishing campaigns, administrators warn.Elizabeth Montalbano
- Medical Device Security: Diagnosis CriticalMedical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced.Tom Spring
- CES 2021 Gadgets: Worst in Privacy and Security AwardsExpert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures.Becky Bracken
- Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.Lindsey O'Donnell
- Apple Kills MacOS Feature Allowing Apps to Bypass FirewallsSecurity researchers lambasted the controversial macOS Big Sur feature for exposing users' sensitive data.Lindsey O'Donnell
- Google Boots 164 Apps from Play Marketplace for Shady Ad PracticesThe tech giant removes 164 more offending Android apps after banning software showing this type of behavior from the store last year.Elizabeth Montalbano