February 15, 2021

Actiphy announces the release of the next generation of ActiveVisor, a centralized management solution for ActiveImage Protector backup clients, with many new features including enhanced integration with Microsoft’s Active Directory Services. The Covid…

Read More Actiphy launches next-gen ActiveVisor, a management solution for ActiveImage Protector backup clients

Tyto Athene announce partnership with Tellabson on the launch of the ACUITY LAN Solution. Tyto Athene’s ACUITY Micro Data Center was developed to deliver mission-critical edge processing, analytics and unified communications in a turn-key solution that…

Read More Tyto Athene and Tellabson launch ACUITY LAN to bring network readiness in a two person carry form-factor

VMware released security patches for a potentially serious vulnerability affecting the vSphere Replication product. VMware has recently released security patches to address a serious command injection vulnerability, tracked as CVE-2021-21976, in its vSphere Replication product. VMware vSphere Replication is an extension to VMware vCenter Server that provides hypervisor-based virtual machine replication and recovery. vSphere Replication […]

The post VMware fixes command injection issue in vSphere Replication appeared first on Security Affairs.

Read More VMware fixes command injection issue in vSphere Replication

As a total sucker for anything skimming-related, I was interested to hear from a reader working security for a retail chain in the United States that recently found bluetooth-enabled skimming devices placed over top of payment card terminals at several stores. Interestingly, these skimmers interfered with the terminal’s ability to read chip-based cards, forcing customers to swipe the stripe instead.

Read More Bluetooth Overlay Skimmer That Blocks Chip

French agency ANSSI attributes a series of attacks targeting Centreon servers to the Russia-linked Sandworm APT group. The French security agency ANSSI is warming of a series of attacks targeting Centreon monitoring software used by multiple French organizations and attributes them to the Russia-linked Sandworm APT group. The first attack spotted by ANSSI experts dates back […]

The post France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers appeared first on Security Affairs.

Read More France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down and maybe even banning the filmers:

In a separate part of the video, which Devermont says was filmed later that same afternoon, Devermont approaches [BHPD Sgt. Billy] Fair outside. The interaction plays out almost exactly like it did in the department — when Devermont starts asking questions, Fair turns on the music.

Devermont backs away, and asks him to stop playing music. Fair says “I can’t hear you” — again, despite holding a phone that is blasting tunes…

Read More Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down and maybe even banning the filmers:

In a separate part of the video, which Devermont says was filmed later that same afternoon, Devermont approaches [BHPD Sgt. Billy] Fair outside. The interaction plays out almost exactly like it did in the department — when Devermont starts asking questions, Fair turns on the music.

Devermont backs away, and asks him to stop playing music. Fair says “I can’t hear you” — again, despite holding a phone that is blasting tunes…

Read More Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Microsoft says it found 1,000-plus developers’ fingerprints on the SolarWinds attack Microsoft’s analysis of the SolarWinds supply chain attack revealed that the code used by the threat actors was the work of a thousand developers. Microsoft president Brad Smith provided further details about the investigation of the SolarWinds supply chain attack, the company’s analysis of […]

The post The malicious code in SolarWinds attack was the work of 1,000+ developers appeared first on Security Affairs.

Read More The malicious code in SolarWinds attack was the work of 1,000+ developers

Today’s podcast reports on more allegations of hacked Supermicro motherboards, ransomware group members allegedly arrested Ukraine and warning to tax professionals
The post Cyber Security Today – More allegations of hacked Supermicro motherboards, repo…

Read More Cyber Security Today – More allegations of hacked Supermicro motherboards, reports of ransomware group arrested and warning to tax professionals

At the virtual Enigma Conference, Google’s Project Zero’s Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors fix vulnerabilities only to have the attackers tweak their exploits to work again. From a MIT Technology Review article:

Soon after they were spotted, the researchers saw one exploit being used in the wild. Microsoft issued a patch and fixed the flaw, sort of. In September 2019, another similar vulnerability was found being exploited by the same hacking group.

More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order. Microsoft issued multiple security updates: some failed to actually fix the vulnerability being targeted, while others required only slight changes that required just a line or two to change in the hacker’s code to make the exploit work again…

Read More On Vulnerability-Adjacent Vulnerabilities

The evolution of technologies and Internet connectivity has ushered in a new revolution where data transfer has become faster than ever before. On the other hand, this has also resulted in increased data threats to organizations, with rising incidences of data breaches being reported on a massive scale. Apart from the financial implications, these cyber-attacks […]

The post Top 31 Cybersecurity Tips You Must Follow To Protect Your Data appeared first on CyberDB.

Read More Top 31 Cybersecurity Tips You Must Follow To Protect Your Data

An international operation conducted in Ukraine and France lead to the arrest of criminals believed to be affiliated with the Egregor RaaS. Some affiliated with the Egregor RaaS, not the main ransomware gang, have been arrested as a result of a joint operation conducted by law enforcement in Ukraine and France. Authorities did not reveal […]

The post French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine appeared first on Security Affairs.

Read More French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine