What are the hottest articles and resources being discussed by the Cybersecurity community? Find them here weekly on our Weekly Cyber Breakdown so you don't miss a beat!
Critical and high-severity vulnerabilities discovered by researchers in F5 Networks' BIG-IP application delivery controller (ADC) allow a remote attacker to take complete control of the targeted system. The vulnerabilities were identified by researchers at cybersecurity firm Positive Technologies, which disclosed its findings this week after the vendor released advisories and announced the availability of patches.
When Troy Hunt launched Have I Been Pwned in late 2013, he wanted it to answer a simple question: Have you fallen victim to a data breach?
A previously unknown flaw in the videoconferencing software Zoom could allow a hacker to remotely commandeer computers running old versions of the Microsoft Windows operating system, security researchers said Thursday. A hacker who successfully exploits the vulnerability could access files on the vulnerable computer, said Mitja Kolsek, chief executive of ACROS Security, the Slovenian cybersecurity firm that highlighted the issue.
The sale is "an end-run around the usual legal processes."
Corporate victims are finally starting to realize that ransomware attacks are data breaches and have begun to notify employees and clients about data stolen data. A tactic used by almost all enterprise-targeting ransomware is to steal unencrypted files before encrypting a breached network.
As I on June 23, Apple has fixed a serious problem in iOS 14, due in the fall, where apps can secretly access the clipboard on users' devices. Once the new OS is released, users will be warned whenever an app reads the last thing copied to the clipboard.
Mozilla has temporarily suspended the Firefox Send file-sharing service as the organization investigates reports of abuse from malware operators and while it adds a "Report abuse" button. The browser maker took down the service today after ZDNet reached out to inquire about Firefox Send's increasing prevalence in current malware operations.
European Police Arrested Hundreds of Criminals After Infiltrating Encrypted Chat App
An attacker scanned for databases misconfigured to expose information and wiped the data, leaving a ransom note behind. Nearly 23,000 MongoDB databases are affected in a ransomware campaign designed to wipe information from misconfigured databases lacking password protection, ZDNet reports. The attacker reportedly used an automated script to scan for exposed databases.
IT Infrastructure, Network Security, News As more organizations migrate to the cloud, cybercriminals and bad actors are following that trend and are targeting the cloud more frequently, according to a new report. And, the increased adoption of cloud services during the COVID-19 pandemic could be playing a role, says a joint report from DNS security firm EfficientIP and International Data Corp.